28 matches found
EUVD-2017-15763
Malware in sbrugna...
EUVD-2024-24395
Malicious code in bioql PyPI...
EUVD-2024-24420
Malicious code in bioql PyPI...
EUVD-2024-24398
Malicious code in bioql PyPI...
CVE-2025-3456
On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protoc...
CVE-2025-3456 On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-c
On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protoc...
CVE-2025-49846
wire-ios is an iOS client for the Wire secure messaging application. From Wire iOS 3.111.1 to before 3.124.1, messages that were visible in the view port have been logged to the iOS system logs in clear text. Wire application logs created and managed by the application itself were not affected,...
CVE-2025-49846
wire-ios is an iOS client for the Wire secure messaging application. From Wire iOS 3.111.1 to before 3.124.1, messages that were visible in the view port have been logged to the iOS system logs in clear text. Wire application logs created and managed by the application itself were not affected,...
CVE-2025-49846 wire-ios accidentally logs message contents
wire-ios is an iOS client for the Wire secure messaging application. From Wire iOS 3.111.1 to before 3.124.1, messages that were visible in the view port have been logged to the iOS system logs in clear text. Wire application logs created and managed by the application itself were not affected,...
CVE-2025-5760
The Simple History plugin for WordPress is vulnerable to sensitive data exposure via Detective Mode due to improper sanitization within the appenddebuginfotocontext function in versions prior to 5.8.1. When Detective Mode is enabled, the plugin’s logger captures the entire contents of $POST and...
CVE-2024-10404
CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with administrative privileges could retrieve sensitive...
CVE-2024-12226
In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Version 2 however it was determined that this could also be achieved in Version 1 and the fix was applied to both versions...
CVE-2024-12226
In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Version 2 however it was determined that this could also be achieved in Version 1 and the fix was applied to both versions...
CVE-2024-53865 Python package "zhmcclient" has passwords in clear text in its HMC and API logs
zhmcclient is a pure Python client library for the IBM Z HMC Web Services API. In affected versions the Python package "zhmcclient" writes password-like properties in clear text into its HMC and API logs in the following cases: 1. The 'boot-ftp-password' and 'ssc-master-pw' properties when creati...
CVE-2024-6972
In affected versions of Octopus Server under certain circumstances it is possible for sensitive variables to be printed in the task log in clear-text...
CVE-2024-27157
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL...
CVE-2024-27156
The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL...
CVE-2024-27157
CVE-2024-27157 affects Toshiba e-STUDIO MFPs. The vulnerability involves authentication sessions being stored in clear-text logs, enabling an observer with access to the logs to retrieve sessions and credentials, potentially bypassing authentication. Impact details are described across multiple s...
CVE-2024-27154
CVE-2024-27154 affects Toshiba multi-function printers (notably Toshiba e-STUDIO MFPs). The issue is that passwords are stored in clear-text logs, enabling an attacker with log access to retrieve passwords. Exploitation status is not documented in the provided sources. Impact is limited to disclo...
CVE-2024-27154 Passwords are stored in clear-text logs.
Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected products/models/versions, see the reference URL...