Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/28 8:25 p.m.10 views

Security Bulletin: IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets (CVE-2025-13755)

Summary IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets. Vulnerability Details CVEID:CVE-2025-13755 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially...

5.5CVSS5.7AI score0.00108EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/10 2:12 a.m.5 views

CVE-2025-70040

An issue pertaining to CWE-532: Insertion of Sensitive Information into Log File was discovered in LupinLin1 jimeng-web-mcp v2.1.2. This allows an attacker to obtain sensitive information...

5.3CVSS5.8AI score0.00241EPSS
Exploits0References1
OSV
OSV
added 2025/10/11 1:20 p.m.8 views

OESA-2025-2384 xml-security security update

The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...

6.5CVSS6.9AI score0.01212EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-51666

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00329EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/29 10:5 p.m.10 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Apache XML Security for Java.

Summary Multiple vulnerabilities in Apache XML Security for Java that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2024-20945 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a local authenticated attacker...

6.5CVSS6.1AI score0.01212EPSS
Exploits0Affected Software1
CVE
CVE
added 2025/06/05 4:40 p.m.63 views

CVE-2025-49009

Para’s CVE-2025-49009 affects the Para server (Facebook authentication flow) via FacebookAuthFilter.java, where a failed request to Facebook’s profile endpoint logs the full URL including the user’s access token in plaintext. The issue exists in versions prior to 1.50.8 and is mitigated by upgrad...

6.2CVSS6.3AI score0.00145EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/12 12:0 a.m.4 views

PT-2024-10886 · Opentext · Opentext Edirectory

Name of the Vulnerable Software and Affected Versions: OpenText eDirectory version 9.2.4.0000 Description: A Possible Insertion of Sensitive Information into Log File issue has been discovered in eDirectory. This issue affects the logging mechanism, potentially allowing sensitive information to b...

9.1CVSS9.4AI score0.00438EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/13 9:16 a.m.10 views

go-retryablehttp: url might write sensitive information to log file

A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information...

6CVSS7.1AI score0.00358EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/31 12:0 a.m.7 views

PT-2024-38015 · Cato Networks · Cato Networks Sdp Client

Name of the Vulnerable Software and Affected Versions: Cato Networks SDP Client versions prior to 5.10.34 Description: A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive information into the log file, which can lead to an account takeover. However, the attack...

6.5CVSS6.8AI score0.00227EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.32 views

Mandrake Linux Security Advisory : samba (MDKSA-2001:062)

Michal Zalewski has found a vulnerability in all versions of Samba prior to 2.0.10 where if a client sends an invalid netbios name Samba could be tricked into appending it's log to files writable by root. This can be very dangerous if combined with a symlink created by a local user. Note that the...

10CVSS5.5AI score0.12032EPSS
Exploits1References2
Rows per page
Query Builder