5 matches found
VulnCheck KEV: CVE-2023-40600
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...
CVE-2023-29801
TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain multiple command injection vulnerabilities via the rtLogEnabled and rtLogServer parameters in the setSyslogCfg function...
TOTOLINK X18 命令注入漏洞
The TOTOLINK X18 is a mesh router system from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X18 version V9.1.0cu.2024B20220329, which stems from multiple command injection vulnerabilities via the rtLogEnabled and rtLogServer parameters in the setSyslogCfg...
ansible: secrets disclosed on logs when no_log enabled
Ansible was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process...
ansible: secrets disclosed on logs when no_log enabled
Ansible was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process...