14 matches found
Exposure of Sensitive Information
Overview zpdatafetch is an A package for fetching data from Zwiftpower and Zwiftracing.app Affected versions of this package are vulnerable to Exposure of Sensitive Information via several improper security practices, including logging of credentials in stdout, a lack of certificated validation,...
EUVD-2019-2961
Malware in sbrugna...
EUVD-2017-0275
Malware in sbrugna...
Fortra Application Hub 日志信息泄露漏洞
Fortra Application Hub is an application center from Fortra. A security vulnerability exists in Fortra Application Hub versions prior to 1.3 that stems from the IAM or CORE service recording credentials in iam log files under certain logging settings, leading to the disclosure of sensitive...
AZL-42880 CVE-2024-6104 affecting package cert-manager for versions less than 1.12.12-3
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...
VMware ESXi和vCenter Server 信息泄露漏洞
VMware ESXi and VMware vCenter Server are both products of VMware, Inc. VMware ESXi is a server virtualization platform that can be installed directly on physical servers. vMware vCenter Server is a suite of server and virtualization management software. The software provides a centralized platfo...
CVE-2021-25284
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...
Design/Logic Flaw
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...
PYSEC-2021-53
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...
CVE-2021-25284
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...
CVE-2021-25284
Removed by vendor...
Saltstack SaltStack Salt 安全漏洞
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from the ability to log...
MGASA-2019-0309 Updated ansible packages fix security vulnerabilities
Updated ansible package fixes security vulnerabilities: ansible-playbook -k and ansible cli tools prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them CVE-2019-10206. Ansible was...
ansible: secrets disclosed on logs when no_log enabled
Ansible was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process...