EUVD-2019-19952
EquityPandit 1.0 contains an insecure logging vulnerability that allows attackers to capture sensitive user credentials by accessing developer console logs via Android Debug Bridge. Attackers can use adb logcat to extract plaintext passwords logged during the forgot password function, exposing us...
CVE-2019-25605
EquityPandit 1.0 contains an insecure logging vulnerability that allows attackers to capture sensitive user credentials by accessing developer console logs via Android Debug Bridge. Attackers can use adb logcat to extract plaintext passwords logged during the forgot password function, exposing us...
CVE-2019-25605
EquityPandit 1.0 contains an insecure logging vulnerability that exposes plaintext user credentials through Android Debug Bridge. Attackers could access developer console logs via adb logcat and extract passwords logged during the forgot password flow, compromising user account credentials. The i...
CVE-2019-25605 EquityPandit 1.0 Insecure Logging Information Disclosure
EquityPandit 1.0 contains an insecure logging vulnerability that allows attackers to capture sensitive user credentials by accessing developer console logs via Android Debug Bridge. Attackers can use adb logcat to extract plaintext passwords logged during the forgot password function, exposing us...
PT-2026-26993
EquityPandit 1.0 contains an insecure logging vulnerability that allows attackers to capture sensitive user credentials by accessing developer console logs via Android Debug Bridge. Attackers can use adb logcat to extract plaintext passwords logged during the forgot password function, exposing us...
EquityPandit Security Vulnerability
EquityPandit is a service platform provided by EquityPandit Inc. that offers stock market analysis, investment advice, and market predictions. Version 1.0 of EquityPandit has a security vulnerability. This vulnerability stems from insecure logging practices, which could allow attackers to access...
CVE-2026-0936
CVE-2026-0936 affects B&R PVI client versions prior to 6.5. It describes an Insertion of Sensitive Information into Log File vulnerability where an authenticated local attacker could access credentials processed by the PVI client due to information written into logs. The logging function is disab...
TencentOS Server 4: skopeo (TSSA-2025:0634)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0634 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
EUVD-2018-18715
Malware in sbrugna...
PT-2025-37039
Name of the Vulnerable Software and Affected Versions: AxxonSoft Axxon One / AxxonNet versions 2.0.4 and earlier Description: The ARP Agent component in AxxonSoft Axxon One / AxxonNet contains a flaw where sensitive information is inserted into log files. A local attacker can obtain plaintext...
GHSA-QX7G-FX8Q-545G Para Inserts Sensitive Information into Log File for Facebook authentication
CWE ID: CWE-532 Insertion of Sensitive Information into Log File CVSS: 6.2 Medium Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Component: Facebook Authentication Logging Version: Para v1.50.6 File Path:...
Unauthorized Access
@directus/api is vulnerable to Unauthorized Data Access. The vulnerability is due to insecure logging practices. Specifically, the access token in the query string is not redacted when LOG_STYLE is set to raw, allowing sensitive information to be exposed in system logs...
CVE-2024-53865
zhmcclient is a pure Python client library for the IBM Z HMC Web Services API. In affected versions the Python package "zhmcclient" writes password-like properties in clear text into its HMC and API logs in the following cases: 1. The 'boot-ftp-password' and 'ssc-master-pw' properties when creati...
GHSA-RJC6-VM4H-85CG Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs
Summary The AWS Serverless Application Model SAM CLI is an open source tool that allows customers to build, deploy and test their serverless applications built on AWS. AWS SAM CLI can build container Docker images and customers can specify arguments in the SAM template that are passed to the Dock...
CVE-2024-30701
This CVE-2024-30701 entry is rejected and does not represent an active vulnerability.
CVE-2024-30684
CVE-2024-30684 is rejected; this entry is not used and does not indicate an active vulnerability.
PT-2024-23579 · Unknown · Ros2 Galactic Geochelone
Name of the Vulnerable Software and Affected Versions: ROS2 Galactic Geochelone versions 2 Description: An insecure logging issue allows attackers to obtain sensitive information due to inadequate security measures in the logging mechanisms. Recommendations: For ROS2 Galactic Geochelone version 2...
PT-2024-23592 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Dashing Diademata versions 2 Description: An insecure logging issue allows attackers to obtain sensitive information due to inadequate security measures. Recommendations: For ROS2 Dashing Diademata version 2, update the logging configurati...
CVE-2024-21668 Insertion of Sensitive Information into Log File in react-native-mmkv
react-native-mmkv is a library that allows easy use of MMKV inside React Native applications. Before version 2.11.0, the react-native-mmkv logged the optional encryption key for the MMKV database into the Android system log. The key can be obtained by anyone with access to the Android Debugging...