CVE-2022-48228

An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It uses the root of the C: drive for the i-Dentify and Sentinel Installer log files, aka CORE-7362...

CVE-2022-22703

In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer...

PT-2022-21853 · Openvpn · Openvpn Access Server

Name of the Vulnerable Software and Affected Versions: OpenVPN Access Server versions 2.10.0 through 2.10.x and versions prior to 2.11.0, can be simplified to: OpenVPN Access Server versions 2.10.0 through 2.11.0, but since 2.11.0 is not included, it is more accurate to say: OpenVPN Access Server...

CVE-2022-22703

In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer...

Fortinet FortiClient 后置链接漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...

Default credentials

Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files...

CVE-2006-1183

The Ubuntu 5.10 installer does not properly clear passwords from the installer log file questions.dat, and leaves the log file with world-readable permissions, which allows local users to gain privileges...

Code injection

The Ubuntu 5.10 installer does not properly clear passwords from the installer log file questions.dat, and leaves the log file with world-readable permissions, which allows local users to gain privileges...