CVE-2025-9955

An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin services related to system logs and user-store configuration. A low-privileged user can access log data and user-store configuration details tha...

CVE-2025-9955

An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin services related to system logs and user-store configuration. A low-privileged user can access log data and user-store configuration details tha...

Dell PowerEdge Platform 14G AMD BIOS Information Disclosure Vulnerability

Dell PowerEdge Platform 14G AMD BIOS is a BIOS system from Dell USA. The Dell PowerEdge Platform 14G AMD BIOS suffers from an information disclosure vulnerability that originates from end-of-buffer memory location access, which can be exploited by an attacker to gain access to internal system...

CVE-2019-25023

An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header which can be manipulated client-side is used for the internal application logs, an attacker can inject wrong IP addresses into these logs...

Cisco Nexus Dashboard 安全漏洞

Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard that stems from the possibility that HTTP proxy credentials could be recorded in internal logs stored in...

Cisco Nexus Dashboard 安全漏洞

Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard that originates when remote controller credentials are recorded in internal logs stored in technical support...

pixiv: Internal logs/info leaked via endpoint {https://203.137.128.240/server-status}

The server-status endpoint was accessible, allowing access to internal logs and information...

CVE-2023-46231

In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...

Splunk Security Breach

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...

Splunk Security Breach

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...

PT-2024-1642 · Splunk · Splunk Add-On Builder

Name of the Vulnerable Software and Affected Versions: Splunk Add-on Builder versions prior to 4.1.4 Description: The issue is related to improper handling of log output, allowing a remote attacker to write arbitrary information to internal log files. This can lead to the exposure of sensitive...

CVE-2021-29759

IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. IBM X-Force ID: 202212...

CVE-2021-3417

An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator LXCA, if added as a Resource Manager, are encoded then written to an internal LXCO log file each time a session is established with LXCA. Affected logs are captured in...

Mining Splunk's Internal Logs

Splunk is great about logging its warnings and errors, but it wont tell you about them - you have to ask! As the leading machine-generated data analysis software, its not surprising that Splunk excels at creating robust logs. The current version of Splunk Enterprise v 8.05 generates 22 different...

Estée Lauder Exposes 440M Records, with Email Addresses, Network Info

A non-password protected cloud database containing hundreds of millions of customer records and internal logs for cosmetic giant Estée Lauder has been found exposed online, according to researchers. In all, 440,336,852 individual data pieces were exposed, according to researcher Jeremiah Fowler a...

Change Your Twitter Password Immediately, Bug Exposes Passwords in Plaintext

Twitter is urging all of its 330 million users to change their passwords after a software glitch unintentionally exposed its users' passwords by storing them in readable text on its internal computer system. The social media network disclosed the issue in an official blog post and a series of...