Lucene search
K

222 matches found

Snyk
Snyk
added 2025/11/24 4:24 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/31 8:48 a.m.3 views

CVE-2025-62232 Apache APISIX: basic-auth logs plaintext credentials at info level

Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: ...

6.5AI score0.00434EPSS
Exploits0References1
OSV
OSV
added 2025/10/31 8:48 a.m.6 views

CVE-2025-62232 Apache APISIX: basic-auth logs plaintext credentials at info level

Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: ...

7.5CVSS5.8AI score0.00434EPSS
Exploits0References4
CVE
CVE
added 2025/10/07 3:19 p.m.15 views

CVE-2023-53639

Technical details about CVE-2023-53639 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories to obtain affected products, versions, and remediation information.

5.5CVSS6.2AI score0.00149EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-2229

Malware in sbrugna...

6.5CVSS5.4AI score0.00992EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-1435

Malware in sbrugna...

6.5CVSS6.4AI score0.00829EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-2002

Malware in sbrugna...

4.1CVSS4.5AI score0.01953EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-5976

Malware in sbrugna...

6.5CVSS5.4AI score0.00799EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-4936

Malware in sbrugna...

2.1CVSS6.4AI score0.00345EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-53818

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00594EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-36558

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00563EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2836

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01212EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-14907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with log level = 3 or above then the...

6.5CVSS6.5AI score0.03151EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-8565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs a...

5.5CVSS5.9AI score0.00512EPSS
Exploits0References2
Veracode
Veracode
added 2025/05/30 6:30 p.m.4 views

Sensitive Information Disclosure

github.com/edgelesssys/contrast is vulnerable to information disclosure. The vulnerability is due to improper logging configuration due to secrets being written to stderr and Kubernetes logs when the log level is set to info or debug, which is the default...

6.7AI score
Exploits0
Snyk
Snyk
added 2025/05/28 2:40 p.m.1 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File due to the logging configuration. An attacker can access sensitive information by exploiting the log output when the log level is set to info or debug. This is only exploitable if the...

8.5CVSS6.7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/05/28 2:40 p.m.11 views

Contrast workload secrets leak to logs on INFO level

Impact When the Contrast initializer is configured with a CONTRASTLOGLEVEL of info or debug, the workload secret is logged to stderr and written to Kubernetes logs. Since info is the default setting, this affects all Contrast installations that don't customize their initializers' log level. The...

6.7AI score
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 6:48 a.m.10 views

CVE-2024-37283

An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is configured to debug. By default the log level is set to info, where no leak occurs...

6.5CVSS6.9AI score0.00563EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:7 a.m.13 views

CVE-2023-5339

Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged...

5.5CVSS7AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 p.m.8 views

CVE-2021-32767

TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3...

6.5CVSS6.9AI score0.00829EPSS
Exploits0References1
Rows per page
Query Builder