CVE-2025-24202
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...
CVE-2025-24202
CVE-2025-24202 affects Apple operating systems (iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4). Root cause: a logging issue with insufficient data redaction in the logging subsystem. Impact: an app may access sensitive user data due to improper logging handling. Remediation: fixed in the listed patch...
CVE-2025-24283
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An app may be able to access sensitive user data...
CVE-2025-24283
A logging issue was addressed with improved data redaction. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...
CVE-2025-24283
CVE-2025-24283 describes a logging issue where sensitive user data could be exposed due to inadequate data redaction. The problem has been fixed in Apple platforms: visionOS 2.4, iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4. The CVE entry notes that an app may access sensitive user data as a res...
CVE-2025-30424
Summary: CVE-2025-30424 affects macOS logging related to Messages. The issue involves improper data redaction in system logs when deleting a conversation, potentially exposing user contact information. The root cause is a logging data handling problem that has been addressed with improved redacti...
CVE-2025-30424
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Deleting a conversation in Messages may expose user contact information in system logging...
PT-2025-13960 · Apple · Apple macOS
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5; macOS Sequoia versions prior to 15.4; macOS Sonoma versions prior to 14.7.5. Description: A logging issue was addressed with improved data redaction. Deleting a conversation in Messages may expose user contact...
PT-2025-13957 · Apple · visionOS +4
Name of the Vulnerable Software and Affected Versions: visionOS versions prior to 2.4; iOS versions prior to 18.4; iPadOS versions prior to 18.4; macOS Sequoia versions prior to 15.4. Description: A logging issue was addressed with improved data redaction, which may have allowed an app to access...
CVE-2024-9606
CVE-2024-9606 — Improper API key masking in LiteLLM. A vulnerability in berriai/litellm prior to 1.44.12 arises from the masking logic in litellm_logging.py, which only masks the first 5 characters of API keys. This allows leakage of most of the secret key in logs, as noted for version v1.44.9 and...
CVE-2025-22271 IP Spoofing in CyberArk Endpoint Privilege Manager
The application or its infrastructure allows for IP address spoofing by providing its own value in the "X-Forwarded-For" header. Thus, the action logging mechanism in the application loses accountability. This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of...
PT-2025-9090 · CyberArk · CyberArk Endpoint Privilege Manager
Name of the Vulnerable Software and Affected Versions: CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. Description: The issue allows IP address spoofing by providing a custom value in the X-Forwarded-For header, which compromises the action logging mechanism's accountability...
CVE-2024-13513 Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.3 - Sensitive Information Exposure to Privilege Escalation
The Oliver POS – A WooCommerce Point of Sale POS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.2.3 via the logging functionality. This makes it possible for unauthenticated attackers to extract sensitive data including the plugin's...
CVE-2025-24169
A logging issue was addressed with improved data redaction. This issue is fixed in Safari 18.3, macOS Sequoia 15.3. A malicious app may be able to bypass browser extension authentication...
TYPO3 13.4.3 (TYPO3-CORE-SA-2025-001)
The version of TYPO3 installed on the remote host is prior to 13.4.3. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-001 advisory. - It has been discovered that the Install Tool password has been logged as plaintext in case the password hashing mechanism use...
Security Bulletin: Vulnerability in Elasticsearch (CVE-2023-49921) affects IBM Watson CP4D Data Stores
Summary: A potential vulnerability, CVE-2023-49921, has been identified related to Elasticsearch that may affect IBM Watson CP4D Data Stores. This vulnerability has been addressed. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2023-49921. DESCRIPTION: An issue was...
PT-2025-3767 · GitLab · GitLab CE/EE
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.4 through 17.5.5; GitLab CE/EE versions 17.6 through 17.6.3; GitLab CE/EE versions 17.7 through 17.7.1. Description: An issue was discovered in GitLab CE/EE where access tokens may have been logged when API requests were...
CVE-2024-54491
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. A malicious application may be able to determine a user's current location...