SUSE CVE-2025-54376

Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, Hoverfly's admin WebSocket endpoint /api/v2/ws/logs is not protected by the same authentication middleware that guards the REST admin API. Consequently, an unauthenticated remote attacker can stream real-time applicatio...

CVE-2006-7162

PuTTY 0.59 and earlier uses weak file permissions for 1 ppk files containing private keys generated by puttygen and 2 session logs created by putty, which allows local users to gain sensitive information by reading these files...

CVE-2024-49355

CVE-2024-49355 affects IBM OpenPages with Watson 8.3 and 9.0. The vulnerability stems from the System Tracing feature writing improperly neutralized data to server log files when tracing is enabled, exposing potential sensitive information in logs. IBM's bulletin confirms the issue (CWE-117) with...

CVE-2024-52314

A data.all admin team member who has access to the customer-owned AWS Account where data.all is deployed may be able to extract user data from data.all application logs in data.all via CloudWatch log scanning for particular operations that interact with customer producer teams data...