CVE-2020-13881

In support.c in pamtacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used...

CVE-2020-25249

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. The server typically logs activity only when a client application specifies that logging is desired. This can be problematic for use cases in...

CVE-2019-10343

Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied...

CVE-2009-3000

The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv41 through snv122, when Network Cache Accelerator NCA logging is enabled, allows remote attackers to cause a denial of service panic via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7chttplog...

CVE-2025-31213

A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access associated usernames and websites in a user's iCloud Keychain...

CVE-2025-31213

A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access associated usernames and websites in a user's iCloud Keychain...

PT-2025-18133 · Snowflake · Libsnowflakeclient

Name of the Vulnerable Software and Affected Versions: libsnowflakeclient versions 0.5.0 through 2.2.0 Description: The issue concerns local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the targ...

Security Bulletin: Vulnerability in Elasticsearch (CVE-2023-49921) affects IBM Watson CP4D Data Stores

Summary A potential vulnerability CVE-2023-49921 has been identified related to Elasticsearch that may affect IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-49921 DESCRIPTION: An issue was...

CVE-2025-32698

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1...

CVE-2025-32382

Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase either updating a password or changing password to private key or vice versa, Metabase would not always purge older Snowflake connection details from the...

CVE-2025-32382

Metabase (open source) had a vulnerability where, when admins updated Snowflake connection details, older connection credentials could remain in the application database. Metabase would cycle connection methods and, upon a successful one, log the details including username and password, risking c...

IntelliJ IDEA < 2024.2.4 / 2024.3 (macOS)

The version of IntelliJ IDEA installed on the remote host is prior to 2024.2.4, 2024.3. It is, therefore, affected by a vulnerability as referenced in the advisory. - In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file CVE-2025-32054 Note that Nessu...

CVE-2025-30677 Apache Pulsar IO Kafka Connector, Apache Pulsar IO Kafka Connect Adaptor: Sensitive information logged in Pulsar's Apache Kafka Connectors

Apache Pulsar contains multiple connectors for integrating with Apache Kafka. The Pulsar IO Apache Kafka Source Connector, Sink Connector, and Kafka Connect Adaptor Sink Connector log sensitive configuration properties in plain text in application logs. This vulnerability can lead to unintended...

CVE-2024-58133

In chainmaker-go aka ChainMaker before 2.4.0, when making frequent updates to a node's configuration file and restarting this node, concurrent writes by logger.go to a map are mishandled. Creating other logs simultaneously can lead to a read-write conflict and panic...

CVE-2025-32054

In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file...

CVE-2025-24202

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...

CVE-2025-30424

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Deleting a conversation in Messages may expose user contact information in system logging...

CVE-2025-24283

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An app may be able to access sensitive user data...

CVE-2025-24283

A logging issue was addressed with improved data redaction. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...

CVE-2025-24283

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An app may be able to access sensitive user data...