7 matches found
CVE-2025-27391 Apache ActiveMQ Artemis: Passwords leaking from broker properties in the debug log
Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the debug level enabled. This issue affects Apache ActiveMQ Artemis: fro...
CVE-2023-48305 Nextcloud Server user_ldap app logs user passwords in the log file on level debug
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, when the log level was set to debug, the userldap app logged user passwords in...
PT-2023-16722 · Red Hat +1 · Rhds +1
Name of the Vulnerable Software and Affected Versions: RHDS versions 11 through 12 Description: A flaw was found in RHDS where LDAP tries to decode the userPassword attribute instead of the userCertificate attribute, potentially leading to sensitive information leakage. An attacker with a local...
CVE-2022-29071 This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vu ...
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal CVP where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords...
CVE-2019-15059
In Liberty lisPBX 2.0-4, configuration backup files can be retrieved remotely from /backup/lispbx-CONF-YYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without authentication or authorization. These configuration files have all PBX information including extension numbers, contacts, and passwor...
CVE-2010-4178
MySQL-GUI-tools mysql-administrator leaks passwords into process list after with launch of mysql text console...
ProCheckUp Security Advisory 2007.40
PR07-40: Authentication Bypass, Passwords Leakage and SNMP Injection on 3Com AP 8760 Vulnerability Found: 6th November 2007 Vendor Informed: 2nd May 2008 Date Public: 14th November 2008 Severity: Medium Credits: Adrian Pastor of ProCheckUp Ltd www.procheckup.com. Vulnerability 1: Description: The...