Splunk Enterprise 日志信息泄露漏洞

Splunk Enterprise is a data collection and analysis software developed by the American company Splunk. Versions of Splunk Enterprise prior to 10.2.0, 10.0.2 prior to version 10.0.2, 9.4.7 prior to version 9.4.7, 9.3.9 prior to version 9.3.9, and 9.2.11 prior to version 9.2.11 have a vulnerability...

DuoLungo: Usability Study of Duo 2FA

Multi-Factor Authentication MFA enhances login security by requiring multiple authentication factors. Its adoption has increased in response to more frequent and sophisticated attacks. Duo is widely used by organizations including Fortune 500 companies and major educational institutions, yet its...

EUVD-2021-6959

Malicious code in bioql PyPI...

EUVD-2025-25387

Malicious code in bioql PyPI...

EUVD-2023-24386

Malicious code in bioql PyPI...

EUVD-2024-18007

Malicious code in bioql PyPI...

EUVD-2024-18016

Malicious code in bioql PyPI...

CVE-2025-20345

A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an authenticated, high-privileged, remote attacker to view sensitive information in a system log file. This vulnerability is due to insufficient masking of sensitive information before it is written to...

CVE-2025-20345

Cisco Duo Authentication Proxy is affected by a vulnerability in its debug logging function. The root cause is insufficient masking of sensitive information before it is written to system logs, allowing an authenticated, high-privileged attacker to view restricted data by accessing logs. The CVSS...

Cisco Duo Authentication Proxy Information Disclosure Vulnerability

A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an authenticated, high-privileged, remote attacker to view sensitive information in a system log file. This vulnerability is due to insufficient masking of sensitive information before it is written to...

Cisco Duo Authentication Proxy 信息泄露漏洞

Cisco Duo Authentication Proxy is a local security service from Cisco. An information disclosure vulnerability exists in Cisco Duo Authentication Proxy, which stems from insufficient masking of sensitive information in the system log file, which could lead to an elevated privilege user viewing...

PT-2025-34117 · Cisco · Cisco Duo Authentication Proxy

Name of the Vulnerable Software and Affected Versions: Cisco Duo Authentication Proxy affected versions not specified Description: A vulnerability in the debug logging function could allow an authenticated, high-privileged, remote attacker to access sensitive information in a system log file. Thi...

CVE-2024-20292

A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain...

CVE-2024-20301

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of t...

CVE-2023-20207

A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this...

CVE-2024-20301

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of t...

Input validation

A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain...

CVE-2024-20292

A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain...

CVE-2024-20292

A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain...

CVE-2024-20301

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of t...