EUVD-2013-0043

Malware in sbrugna...

EUVD-1999-1261

Malware in sbrugna...

EUVD-2012-0074

Malware in sbrugna...

EUVD-2023-28634

Malicious code in bioql PyPI...

EUVD-2023-2709

Malicious code in bioql PyPI...

CVE-2025-3456

On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protoc...

CVE-2025-6392

Brocade SANnav prior to version 2.4.0a exposes database passwords in cleartext in audit logs generated by the daily data dump collector when docker exec commands run. Logs reside on the host VM local audit logs and are not controlled by SANnav, only visible to the host admin. Affected release is ...

CVE-2025-6392 Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392)

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392)

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

CVE-2020-15370

Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files...

CVE-2019-15294

An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092MR2. Upon an upgrade, if a custom service account is in use and the visitor management service is installed, the Windows username and password for this service are logged in cleartext to the Commandcentre.log file...

Cleartext Storage in a File or on Disk

Overview pterodactyl/panel is a game management panel. Affected versions of this package are vulnerable to Cleartext Storage in a File or on Disk due to the logging of sensitive information in plain text when two-factor authentication is disabled. An attacker can potentially gain unauthorized...

CVE-2023-28616

An issue was discovered in Stormshield Network Security SNS before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends...

PT-2023-21849 · Stormshield · Stormshield Network Security

Name of the Vulnerable Software and Affected Versions: Stormshield Network Security SNS versions 4.3.x through 4.3.16 Stormshield Network Security SNS versions 4.4.x through 4.6.x before 4.6.4 Stormshield Network Security SNS versions 4.7.x before 4.7.1 Description: The issue affects user account...

CVE-2023-24547

On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config...

PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to...

CVE-2020-2044

CVE-2020-2044 is an information-exposure issue in PAN-OS where an administrator password or other sensitive data can be logged in cleartext in opcmdhistory.log. Affected PAN-OS versions: 8.1.x before 8.1.16; 9.0.x before 9.0.10; 9.1.x before 9.1.3. The log file design change moves command history...

Design/Logic Flaw

389 Directory Server before 1.2.7.1 aka Red Hat Directory Server 8.2 and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password nsslapd-rootpw in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensiti...

CVE-2019-15294

Gallagher Command Centre 8.10 before 8.10.1092(MR2) is affected. If, during an upgrade, a custom service account is in use and the visitor management service is installed, the Windows username and password for that service are logged in cleartext to the Command_centre.log file. This constitutes a...

CVE-2019-15294

An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092MR2. Upon an upgrade, if a custom service account is in use and the visitor management service is installed, the Windows username and password for this service are logged in cleartext to the Commandcentre.log file...