38 matches found
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File due to logging as unsanitized plaintext. An attacker can gain unauthorized access to sensitive information and potentially escalate privileges by accessing unsanitized logs containing...
EUVD-2022-42871
Malicious code in bioql PyPI...
CVE-2025-10221
CVE-2025-10221 concerns the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows. The root cause is insertion of sensitive information into TRACE log files, allowing a local attacker to read serialized JSON with passwords and obtain plaintext credentials....
CVE-2025-10221 Hardcoded Password Exposure in AxxonNet (C-WerkNet) ARP Agent Logs
Insertion of Sensitive Information into Log File CWE-532 in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords...
CVE-2025-10221 Hardcoded Password Exposure in AxxonNet (C-WerkNet) ARP Agent Logs
Insertion of Sensitive Information into Log File CWE-532 in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords...
CVE-2023-41676
An exposure of sensitive information to an unauthorized actor CWE-200 in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs...
CVE-2022-3499
An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present...
User profile settings are not saved with WEM
User profile saved settings are not saved. UPM or WEM settings are missing in the registry key locations following = HKLM/Software/Policies/Citrix/UserProfileManager HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Norskale\Agent Host\UsvMachineConfigurationSettings...
CVE-2023-41676
An exposure of sensitive information to an unauthorized actor CWE-200 in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs...
CVE-2023-41676
An exposure of sensitive information to an unauthorized actor CWE-200 in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs...
Design/Logic Flaw
An exposure of sensitive information to an unauthorized actor CWE-200 in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs...
CVE-2023-41676
An exposure of sensitive information to an unauthorized actor CWE-200 in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs...
PT-2023-7268 · Microsoft +1 · Windows +1
Name of the Vulnerable Software and Affected Versions: FortiSIEM versions 6.7.5 and earlier FortiSIEM version 7.0.0 Description: The issue is related to insufficient protection of sensitive data, which may allow an unauthorized actor to obtain sensitive information. An attacker with access to...
Fortinet FortiSIEM 安全漏洞
Fortinet FortiSIEM is a suite of security information and event management systems from the American company Fiat Fortinet. The system includes features such as asset discovery, workflow automation and unified management. Fortinet FortiSIEM has an information disclosure vulnerability that...
TIBCO Software Hawk Trust Management Issue Vulnerability
TIBCO Software Hawk is a software product from TIBCO Software that allows monitoring and management of distributed computing applications. A security vulnerability exists in several products, including TIBCO Software Hawk, which stems from a vulnerability that allows an attacker to access the log...
CVE-2023-38067
In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log...
PT-2023-26279 · Jetbrains · Jetbrains Teamcity +1
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2023.05.1 Description: The issue concerns the potential exposure of sensitive information. In JetBrains TeamCity, build parameters of the password type could be written to the agent log, which could lead t...
CVE-2023-35800
Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators...
CVE-2023-35800
Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators...
Design/Logic Flaw
Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators...