21 matches found
Docker Desktop < 4.43.0 Information Disclosure
The version of Docker Desktop is prior to 4.43.0. It is therefore affected by an information disclosure vulnerability. - System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information...
CVE-2025-13743 Expired Personal Access Tokens (PATs) are recorded in Docker Desktop diagnostic logs
Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred...
EUVD-2016-4179
Malware in sbrugna...
EUVD-2025-19843
Malicious code in bioql PyPI...
EUVD-2022-35933
Malicious code in bioql PyPI...
A vulnerability in the diagnostic logs of Docker Desktop, a platform for developing and delivering container applications, allows a malicious individual to gain unauthorized access to protected information.
The vulnerability in the diagnostic logs of Docker Desktop, a platform for developing and delivering container applications, is related to insufficient protection of registration data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
CVE-2025-6587
System environment variables are recorded in Docker Desktop diagnostic logs when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as API keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use th...
CVE-2025-6587 Exposure of system environment variables in Docker Desktop diagnostic logs
System environment variables are recorded in Docker Desktop diagnostic logs when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as API keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use...
CVE-2025-6587
Docker Desktop CVE-2025-6587 concerns the logging of system environment variables in diagnostic logs when using shell auto-completion, potentially exposing API keys, passwords, or other secrets to anyone with read access to those logs. Multiple connected sources confirm the vulnerability affects ...
CVE-2025-6587 Exposure of system environment variables in Docker Desktop diagnostic logs
System environment variables are recorded in Docker Desktop diagnostic logs when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as API keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use...
PT-2024-28457 · Unknown · Smartplay Headunits
Name of the Vulnerable Software and Affected Versions: Smartplay headunits (affected versions not specified). Description: A misconfiguration in Smartplay headunits can lead to information disclosure, potentially leaking sensitive details such as diagnostic log traces, system logs, headunit password...
CVE-2023-41263
An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...
CVE-2022-32867
This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...
Design/Logic Flaw
This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...
CVE-2022-32867
CVE-2022-32867 affects Apple iOS (Crash Reporter data handling) and macOS Ventura 13, where a user with physical access could read past diagnostic logs. Apple fixes: iOS 16 and macOS Ventura 13, per CVE context; CVSS shown as LOW (PHYSICAL access, no user interaction). No exploitation details are...
CVE-2022-32867
This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...
PT-2022-21538 · Apple · iOS +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16; macOS versions prior to 13. Description: The issue allows a user with physical access to an iOS device to read past diagnostic logs. This was addressed with improved data protection. Recommendations: For iOS versions...
Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities
Talos Vulnerability Report TALOS-2022-1583: Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities. October 20, 2022. CVE Number: CVE-2022-35879, CVE-2022-35878, CVE-2022-35881, CVE-2022-35880. Summary: Four format string injection vulnerabilities exist in th...
About the security content of iOS 16
About the security content of iOS 16. This document describes the security content of iOS 16. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...
Iblessing - An iOS Security Exploiting Toolkit, It Mainly Includes Application Information Collection, Static Analysis And Dynamic Analysis
iblessing: iblessing is an iOS security exploiting toolkit; it mainly includes application information collection, static analysis and dynamic analysis. iblessing is based on unicorn engine and capstone engine. Features: Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract,...