497 matches found

CVE
added 2023/11/08 12:0 a.m. · 44 views

CVE-2023-45875

CVE-2023-45875 affects Couchbase Server 7.2.0, where a private key leak can occur in debug.log when adding a pre-7.0 node to a 7.2 cluster. The available connected sources describe the issue and its context but do not provide a specific remediation or patched version within the documents. Practic...

7.5 CVSS · 7.4 AI score · 0.00736 EPSS
Exploits 0 · References 3 · Affected Software 1

Veracode
added 2023/10/25 8:59 a.m. · 30 views

Information Disclosure

Apache Santuario - XML Security is vulnerable to Information Disclosure. The vulnerability is due to a key exposed as a part of debug log when debug level is enabled. This can lead to Information Disclosure if an attacker has access to the logs...

6.5 CVSS · 6.9 AI score · 0.01212 EPSS
Exploits 0 · References 3 · Affected Software 1

Vulnrichment
added 2023/10/20 9:23 a.m. · 23 views

CVE-2023-44483 Apache Santuario: Private Key disclosure in debug-log output

All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to...

6.7 AI score · 0.01212 EPSS
Exploits 0 · References 2

Cvelist
added 2023/10/20 9:23 a.m. · 16 views

CVE-2023-44483 Apache Santuario: Private Key disclosure in debug-log output

All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to...

6.9 AI score · 0.01212 EPSS
Exploits 0 · References 2

NVD
added 2023/09/17 11:15 a.m. · 12 views

CVE-2023-5028

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

4.6 CVSS · 3.7 AI score · 0.00354 EPSS
Exploits 1 · References 3

Prion
added 2023/09/17 11:15 a.m. · 14 views

Information disclosure

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

1.2 CVSS · 4.4 AI score · 0.00354 EPSS
Exploits 1 · References 3 · Affected Software 1

Vulnrichment
added 2023/09/17 11:0 a.m. · 1 views

CVE-2023-5028 China Unicom TEWA-800G debug log file

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

2 CVSS · 4 AI score · 0.00354 EPSS
Exploits 1 · References 3

CVE
added 2023/09/17 11:0 a.m. · 37 views

CVE-2023-5028

CVE-2023-5028 affects China Unicom TEWA-800G, version 4.16L.04_CT2015_Yueme. The issue is an information exposure through a debug log file that can be triggered on the physical device. Sources consistently describe the vulnerability as affecting an unknown functionality and note a relatively high...

4.6 CVSS · 4 AI score · 0.00354 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/09/17 11:0 a.m. · 27 views

CVE-2023-5028 China Unicom TEWA-800G debug log file

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

2 CVSS · 4.7 AI score · 0.00354 EPSS
Exploits 1 · References 3

Positive Technologies
added 2023/09/17 12:0 a.m. · 2 views

PT-2023-31524 · China Unicom · Tewa-800G

Name of the Vulnerable Software and Affected Versions: China Unicom TEWA-800G version 4.16L.04 CT2015 Yueme Description: A problematic issue has been found, affecting some unknown functionality, which leads to information exposure through a debug log file. The attack can be launched on the physic...

4.6 CVSS · 6.6 AI score · 0.00354 EPSS
Exploits 1 · References 5

OSV
added 2023/04/27 9:30 p.m. · 11 views

GHSA-55VQ-XPJF-R2XC Lightbend Alpakka Kafka logs credentials on debug level

Lightbend Alpakka Kafka before 4.0.2 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

5.5 CVSS · 5.8 AI score · 0.00152 EPSS
Exploits 0 · References 5

Positive Technologies
added 2023/03/29 12:0 a.m. · 4 views

PT-2023-22034 · Malwarebytes · Malwarebytes Adwcleaner

Name of the Vulnerable Software and Affected Versions: Malwarebytes AdwCleaner version 8.4.0 Description: The issue allows a non-admin user to escalate privileges to SYSTEM via a symbolic link. This is due to an insecure file delete operation performed by Malwarebytes AdwCleaner on a...

7.8 CVSS · 7.6 AI score · 0.00489 EPSS
Exploits 0 · References 7

F5 Networks
added 2023/02/21 6:50 p.m. · 25 views

K31757417: The BIG-IP APM system may log passwords in plaintext when the Debug log level is enabled

Security Advisory Description This issue occurs when all of the following conditions are met: You enable the Debug log level for the access policy. You configure the access policy on the BIG-IP APM system with either of the following: Citrix Login prompt with two-factor authentication Logon page...

6.8 AI score
Exploits 0

SUSE CVE
added 2023/02/15 4:1 a.m. · 2 views

SUSE CVE-2020-7237

Cacti 1.2.8 allows Remote Code Execution by privileged users via shell metacharacters in the Performance Boost Debug Log field of pollerautomation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance...

8.8 CVSS · 7.2 AI score · 0.36824 EPSS
Exploits 1 · References 7

NVD
added 2022/10/25 5:15 p.m. · 15 views

CVE-2022-33757

An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance...

6.5 CVSS · 0.00783 EPSS
Exploits 0 · References 1

CNNVD
added 2022/10/25 12:0 a.m. · 2 views

Tenable Network Security Nessus Security Vulnerability

Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. A security vulnerability exists in Nessus. An attacker can exploit this vulnerability to read Nessus debug log file attachments from the web UI without proper privileges...

6.5 CVSS · 7.1 AI score · 0.00783 EPSS
Exploits 0 · References 2

Vulnrichment
added 2022/10/24 9:12 p.m. · 7 views

CVE-2022-33757

An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance...

6.8 AI score · 0.00783 EPSS
Exploits 0 · References 1

Cvelist
added 2022/10/24 9:12 p.m. · 23 views

CVE-2022-33757

An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance...

7 AI score · 0.00783 EPSS
Exploits 0 · References 1

CVE
added 2022/10/24 9:12 p.m. · 77 views

CVE-2022-33757

The CVE-2022-33757 entry describes an information disclosure in Nessus where an authenticated attacker can read Nessus Debug Log file attachments via the web UI without proper privileges. Public-connected sources corroborate that this affects Nessus and its web interface, enabling disclosure of s...

6.5 CVSS · 6.7 AI score · 0.00783 EPSS
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2022/09/16 12:0 a.m. · 3 views

PT-2022-33474 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue is related to the removal of a UUID from the s390 debug log in the vfio/ccw component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linu...

7.1 AI score
Exploits 0 · References 1