39 matches found
CVE-2026-9735 Keyfile contents are in MongoDB Server logs
MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction...
PT-2026-39038
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description When KSMBD DEBUG AUTH logging is enabled, the functions generate smb3signingkey and generate smb3encryptionkey log session, signing, encryption, and decryption key bytes, which can lead ...
CVE-2026-28718
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...
EUVD-2026-9953
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...
CVE-2026-28718
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...
CVE-2026-28718
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...
Acronis Cyber Protect 安全漏洞
Acronis Cyber Protect is an enterprise-oriented network protection solution developed by the Swiss company Acronis. It combines features such as backup, anti-malware, network security, and endpoint management—including vulnerability assessment, URL filtering, patch management, etc. Versions of...
CVE-2026-28718
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...
CVE-2026-28718
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...
CVE-2026-28718
CVE-2026-28718 affects Acronis Cyber Protect 17 (Linux and Windows) prior to build 41186. The vulnerability arises from insufficient input validation in authentication logging, enabling a denial-of-service condition. Multiple connected sources (Red Hat, NVD, ENISA EUVD, CVE lists, and PT-Security...
CVE-2026-28718
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...
PT-2026-23592
Name of the Vulnerable Software and Affected Versions Acronis Cyber Protect 17 versions prior to build 41186 Description A denial of service condition exists due to inadequate input validation within the authentication logging process. Recommendations Update Acronis Cyber Protect to build 41186 o...
UBUNTU-CVE-2026-0966
A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...
CVE-2025-62232
Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: ...
EUVD-2008-1400
Malware in sbrugna...
EUVD-2016-7179
Malware in sbrugna...
EUVD-2023-27050
Malicious code in bioql PyPI...
EUVD-2021-30215
Malicious code in bioql PyPI...
CVE-2025-50200 RabbitMQ Node can log Basic Auth header from an HTTP request
RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which...
CVE-2023-22949
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is logging of user credentials. All authenticated GSQL access requests are logged by TigerGraph in multiple places. Each request includes both the username and password of the user in an easily decodable base64 form. That...