EUVD-2026-20888

Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...

CVE-2026-4901

Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...

CVE-2026-4901 Insertion of Sesitive Information into Log File in Hydrosystem Control System

Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...

CVE-2026-4901

CVE-2026-4901 relates to Hydrosystem Control System logging credentials to a log file. The description states that sensitive information, including user credentials, is written to logs, enabling an attacker to obtain further access. This issue is tied to CVE-2026-34184, which describes missing au...

Linux Distros Unpatched Vulnerability : CVE-2025-1075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written t...

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the form of credentials being passed as parameter values when registering a new user via the OpenTelemetry endpoint. These values may be passed in a cache-to/cache-from configuration a...

PT-2023-22270 · Lightbend · Alpakka Kafka

Name of the Vulnerable Software and Affected Versions: Lightbend Alpakka Kafka versions prior to 5.0.0 Description: The issue allows log files to contain credentials if plain cleartext login is configured, as the configuration is logged as debug information. This occurs in the...

PT-2023-18791 · Tigergraph · Tigergraph Enterprise Free Edition

Name of the Vulnerable Software and Affected Versions: TigerGraph Enterprise Free Edition versions 3.x Description: An issue was discovered where user credentials are logged. All authenticated GSQL access requests are logged by TigerGraph in multiple places, including both the username and passwo...

SUSE CVE-2021-25284

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...

CVE-2022-22939

VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or...

CVE-2020-11923

An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged...

PT-2021-9429 · Unknown · Wiz Colors A60

Name of the Vulnerable Software and Affected Versions: WiZ Colors A60 version 1.14.0 Description: An issue was discovered where API credentials are locally logged, potentially exposing sensitive information. Recommendations: For WiZ Colors A60 version 1.14.0, consider restricting access to the...

WiZ Connected WiZ Colors A60 安全漏洞

WiZ Connected WiZ Colors A60 is a smart LED light from China-based WiZ Connected. A security vulnerability exists in WiZ Colors A60 1.14.0 that stems from API credentials being logged locally...

CVE-2021-3417

An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator LXCA, if added as a Resource Manager, are encoded then written to an internal LXCO log file each time a session is established with LXCA. Affected logs are captured in...

CVE-2019-0069

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device...

Ruby REST Client Information Disclosure Vulnerability

Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto.REST Client aka rest-client is one of the simple HTTP and REST client. A security vulnerability exists in Ruby REST Client versions prior to 1.7.3. Since t...