23 matches found
CVE-2026-25193
Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...
CVE-2026-25193
Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...
EUVD-2026-31636
Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...
CVE-2026-25193
CVE-2026-25193 affects Gallagher Command Centre Service installers. The issue is CWE-532: insertion of sensitive information into log files, which could expose service account credentials. Exploitation is described as a local attack vector with low complexity and requires user interaction per CVS...
CVE-2026-25193
Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...
CVE-2026-25193
Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...
CVE-2026-25193
Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...
PT-2026-43004
Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...
MAL-2026-3678 Malicious code in 8q (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a10addd46910ba157e59c0c301c15ea56de73adb23c4d3422520b67876cdc0e The package's declared main entry router.js is an IIFE that runs the moment an installer's code executes require'8q' or import '8q'. On load it...
EUVD-2019-13723
Malware in sbrugna...
Internal Error 2869 when Installing Hotfixes on XenApp 6.x
Errors occur when installing hotfixes on a XenApp 6.0 server usingthe manual method. The manual installation method included: Right-clicking on the .msp hotfix package and selecting Apply Double-clicking on the .msp hotfix package The errordisplayed is a message box with the following dialog:...
CVE-2022-48228
An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It uses the root of the C: drive for the i-Dentify and Sentinel Installer log files, aka CORE-7362...
PT-2023-15625 · Acuant · Acuant Asureid Sentinel
Name of the Vulnerable Software and Affected Versions: Acuant AsureID Sentinel versions prior to 5.2.149 Description: An issue was discovered where the software uses the root of the C: drive for the i-Dentify and Sentinel Installer log files. Recommendations: For versions prior to 5.2.149, update...
Stormshield SSO 日志信息泄露漏洞
Stormshield SES Evolution is a security solution from the French company Stormshield. A security vulnerability exists in Stormshield SSO that stems from plaintext user passwords and PSKs being included in the log files of the .exe installer...
CVE-2021-34408
The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link was created between the user writable...
MTN Group: XMLRPC, Enabling XPSA and Bruteforce and DOS + A file disclosing installer-logs.
Summary: XMLRPC+Installerlogs+BackupFilename+Adminusername+disclosure Steps To Reproduce: 1. I was able to successfully exploit XMLRPC with the traditional method, the brute-force was done the username was there in the Installer Logs 2. path to XMLRPC is http://13.92.255.102/xmlrpc.php + the...
IBM Cloud Private Information Disclosure Vulnerability (CNVD-2019-32442)
IBM Cloud Private is a set of enterprise private cloud solutions from IBM USA. The product is built primarily on Kubernetes and container technology. An information disclosure vulnerability exists in IBM Cloud Private. An attacker can exploit this vulnerability to obtain sensitive information in...
CVE-2019-4116
IBM Cloud Private 2.1.0, 3.1.0, and 3.1.1 could disclose highly sensitive information in installer logs that could be use for further attacks against the system. IBM X-Force ID: 158115...
CVE-2019-4116
IBM Cloud Private 2.1.0, 3.1.0, and 3.1.1 could disclose highly sensitive information in installer logs that could be use for further attacks against the system. IBM X-Force ID: 158115...
Design/Logic Flaw
IBM Cloud Private 2.1.0, 3.1.0, and 3.1.1 could disclose highly sensitive information in installer logs that could be use for further attacks against the system. IBM X-Force ID: 158115...