14 matches found
Towards Secure Logging: Characterizing and Benchmarking Logging Code Security Issues with LLMs
Logging code plays an important role in software systems by recording key events and behaviors, which are essential for debugging and monitoring. However, insecure logging practices can inadvertently expose sensitive information or enable attacks such as log injection, posing serious threats to...
List of Security Fixes and Improvements in Veeam Kasten for Kubernetes
Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Kasten for Kubernetes. This article aims to provide our customers' security and compliance teams with detailed information on security improvements. Full product release notes...
SUSE SLES16 Security Update : keylime (SUSE-SU-2025:21194-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21194-1 advisory. Update to version 7.13.0+40. Security issues fixed: - CVE-2025-13609: possible agent identity takeover due to registrar allowing t...
EUVD-2002-1573
Malware in sbrugna...
EUVD-2019-13412
Malware in sbrugna...
EUVD-2022-51867
Malicious code in bioql PyPI...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.20
Logging for Red Hat OpenShift - 5.8.20 logging-loki-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)...
Docker Desktop < 4.41.0 Information Disclosure Vulnerability
The version of Docker Desktop for Linux is prior to 4.41.0. It is therefore affected by an information disclosure vulnerability. The recording of environment variables, configured for running containers, in Docker Desktop application logs could lead to unintentional disclosure of sensitive...
ray vulnerable to Insertion of Sensitive Information into Log File
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Information into Log File where the redis password is being logged in the standard logging. If the redis password is passed as an argument, it will be logged and could potentially leak the password. This is only...
CVE-2025-24705
creationtimestamp | type | source
---|---|---
2025-01-24 21:47:08+00:00 | seen | https://infosec.exchange/users/cve/statuses/113885526591239017...
Moderate: Red Hat Security Advisory: Openshift Logging security and bug update (5.2.4)
An update is now available for OpenShift Logging 5.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in th...
PT-2021-8095 · Red Hat +3 · Ansible Tower +4
Name of the Vulnerable Software and Affected Versions: Red Hat Ansible Automation Platform versions prior to 1.2.2 Ansible Tower versions prior to 3.8.2 Description: A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in...
CVE-2018-3827
A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level, Azure credentials can be inadvertently logged...
re, suidperl; more
hi, yes, i hoped to announce this bug to the perl-developers before it came public; but i think they read BQ ... Michal ... : So far, there are more security-related apps which use /bin/mail for logging Once I was also fallen into thinking that it can be secure, until Dave Dittrich pointed that ...