37 matches found
TYPO3 CMS 路径遍历漏洞
TYPO3 CMS is a content management system developed under the TYPO3 open source framework. Versions 11.0.0 to 11.5.50, 12.0.0 to 12.4.45, 13.0.0 to 13.4.30, and 14.0.0 to 14.3.2 of TYPO3 CMS contain a path traversal vulnerability. This vulnerability arises from backend users with file download...
CVE-2026-5515
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...
EUVD-2019-20155
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration...
Apache Tomcat: Apache Tomcat: Information disclosure via sensitive data in log files
A flaw was found in Apache Tomcat. The cloud membership for clustering component was vulnerable to the insertion of sensitive information into log files. This vulnerability could lead to the exposure of the Kubernetes bearer token, which is a credential used for authentication within a Kubernetes...
IBM InfoSphere Information Server 日志信息泄露漏洞
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server that...
CVE-2025-11891
CVE-2025-11891 : Shelf Planner (WordPress) up to version 2.7.0 exposes log files publicly, enabling unauthenticated access to sensitive information. Several connected sources (Wordfence, Patchstack, PT Security, CVE listings) corroborate the flaw and patch status. Patch available: Shelf Planner s...
WordPress plugin Shelf Planner 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
EUVD-2025-37343
A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data...
CVE-2025-40603
A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data...
CVE-2025-40603
SonicWall SMA100 Series appliances (SMA 210, 410, 500v) are affected by CVE-2025-40603. A remote, authenticated administrator may, under certain conditions, view partial user credential data via log files. SonicWall PSIRT provides a fixed-release remediation for SMA100 series; upgrade to the spec...
CVE-2025-10486
The CVE-2025-10486 entry concerns the WordPress Content Writer plugin. Publicly exposed log files allowed unauthenticated attackers to view sensitive information from all versions up to and including 3.6.8. The issue is categorized as unauthenticated information disclosure with a Network attack v...
EUVD-2024-48721
Malicious code in bioql PyPI...
CVE-2025-10744
The CVE concerns the WordPress plugin File Manager, Code Editor, and Backup by Managefy (versions up to 1.6.1). Publicly exposed log files allow unauthenticated attackers to view sensitive details, including full file paths and backup file locations. Technical details in connected sources confirm...
CVE-2025-36144
IBM Lakehouse watsonx.data 2.2 stores potentially sensitive information in log files that could be read by a local user...
IBM Watsonx.data Log Information Disclosure Vulnerability
IBM Watsonx.data is an open data lake warehouse platform from International Business Machines IBM. IBM Watsonx.data suffers from a log information disclosure vulnerability that stems from storing potentially sensitive information in log files, which can be exploited by an attacker to cause it to ...
CVE-2025-9985
The Featured Image from URL FIFU plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...
Linux Distros Unpatched Vulnerability : CVE-2019-10212
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the...
Linux Distros Unpatched Vulnerability : CVE-2020-15095
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like ://:@::/. The...
CVE-2023-22869
IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119...
CVE-2023-27256
Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...