XWiki Platform 安全漏洞

XWiki Platform is XWiki's open source suite of Wiki platforms for creating Web collaboration applications. A security vulnerability exists in XWiki Platform that stems from an XML export that may contain password and email attributes...

zhmcclient 安全漏洞

zhmcclient is a server interface to the zhmcclient open source. A security vulnerability exists in zhmcclient that stems from the fact that under certain circumstances, zhmcclient writes password-like attributes in plaintext to its HMC and API logs...

CVE-2023-4918

A flaw was found in the Keycloak package, more specifically org.keycloak.userprofile. When a user registers itself through registration flow, the "password" and "password-confirm" field from the form will occur as regular user attributes. All users and clients with proper rights and roles are abl...

CLSA-2023-1675372649 Fix CVE(s): CVE-2018-20217

SECURITY UPDATE: Possible KDC crash processing malformed S4U2Self request - debian/patches/CVE-2018-20217.patch: ignore password attributes for S4U2Self requests - CVE-2018-20217...

Information Disclosure Via Logs

fatfreecrm is vulnerable to information disclosure. The vulnerability exists because password related attributes such as passwordhash, passwordsalt and passwordconfirmation are not filtered from the logs, exposing sensitive information to malicious users...