Lucene search
+L

76 matches found

NVD
NVD
added 2021/01/22 6:15 p.m.31 views

CVE-2021-21270

OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API key used to connect to Octopus Server is exposed via logging in plaintext. This vulnerability is...

6.2CVSS6.2AI score0.00276EPSS
Exploits0References4
CNVD
CNVD
added 2019/07/16 12:0 a.m.7 views

Unspecified Vulnerability in JetBrains IntelliJ IDEA Ultimate

JetBrains IntelliJ IDEA Ultimate is a Czech JetBrains integrated development environment for the Java language. A security vulnerability exists in JetBrains IntelliJ IDEA Ultimate that originates from the program logging server credentials in plaintext to the IDE configuration file. An attacker...

8.1CVSS6.7AI score0.01153EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/14 12:0 a.m.5 views

RSA Archer Information Disclosure Vulnerability (CNVD-2019-08462)

Dell EMC RSA Archer is an enterprise IT governance and compliance governance product from Dell USA. The product enables the development of eGRC programs for managing enterprise risk, automating business processes, and more. An information disclosure vulnerability exists in Dell EMC RSA Archer...

7.8CVSS5.9AI score0.00349EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/18 12:0 a.m.3 views

Juniper ATP Information Disclosure Vulnerability (CNVD-2019-24380)

Juniper Advanced Threat Prevention ATP is a suite of advanced threat protection platforms from Juniper Networks. The product supports malware detection, file analysis, and malicious IP address and URL blocking. An information disclosure vulnerability exists in Juniper ATP version 5.0.3 prior to...

7.1CVSS6AI score0.00336EPSS
Exploits0References1
Veracode
Veracode
added 2019/01/15 8:57 a.m.32 views

Information Disclosure

jboss-as-web is vulnerable to information disclosure attacks. The vulnerability exists as the security audit functionality in Red Hat JBoss Enterprise Application Platform EAP 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the l...

1.9CVSS8.4AI score0.00346EPSS
Exploits1References6Affected Software1
RedHat Linux
RedHat Linux
added 2018/12/04 6:27 p.m.6 views

ansible: become password logged in plaintext when used with PowerShell on Windows

Execution of Ansible content on Microsoft's Windows platform with Powershell 5 or higher may disclose sensitive execution details including 'become' passwords, Ansible module arguments, and return values via Powershell's 'suspicious scriptblock logging' feature, which is enabled by default. The...

4.4CVSS7.4AI score0.00535EPSS
Exploits0References5
Veracode
Veracode
added 2018/03/29 12:42 a.m.11 views

Information Disclosure

sensu is vulnerable to information disclosure. The library does not properly redact passwords or keys in arrays and hashmaps, causing the sensitive information to be logged as plaintext...

9.8CVSS8.7AI score0.02404EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2015/05/15 6:23 p.m.13 views

MGASA-2015-0227 Updated ruby-rest-client packages fix security vulnerabilities

Updated ruby-rest-client packages fix security vulnerability: When Ruby rest-client processes an HTTP redirection response, it blindly passes along the values from any Set-Cookie headers to the redirection target, regardless of domain, path, or expiration. This can be used in a session fixation...

9.8CVSS7.7AI score0.04345EPSS
Exploits0References5
Mageia
Mageia
added 2015/05/15 6:23 p.m.54 views

Updated ruby-rest-client packages fix security vulnerabilities

Updated ruby-rest-client packages fix security vulnerability: When Ruby rest-client processes an HTTP redirection response, it blindly passes along the values from any Set-Cookie headers to the redirection target, regardless of domain, path, or expiration. This can be used in a session fixation...

9.8CVSS9.3AI score0.04345EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/02/26 3:0 p.m.36 views

CVE-2014-0058

The security audit functionality in Red Hat JBoss Enterprise Application Platform EAP 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files...

6.1AI score0.00346EPSS
Exploits1References4
CVE
CVE
added 2014/02/26 3:0 p.m.99 views

CVE-2014-0058

CVE-2014-0058 affects Red Hat JBoss EAP 6.x prior to 6.2.1. The security audit feature logs request parameters in plaintext, which could let a local attacker with access to audit logs obtain passwords or credentials. Public references in connected documents confirm Red Hat addressed this via a se...

1.9CVSS8.6AI score0.00346EPSS
Exploits1References4Affected Software1
Cisco
Cisco
added 2013/10/10 5:45 p.m.34 views

Cisco Prime Central for HCS Portal Credentials Access Vulnerability

A vulnerability in Cisco Prime Central for HCS portal could allow an authenticated, local attacker to retrieve the credentials for accounts. The vulnerability is due to plaintext logging of credentials to temporary files with inadequate permissions. An attacker could exploit this vulnerability by...

4.3CVSS2.3AI score0.00281EPSS
Exploits0References1
OSV
OSV
added 2013/05/21 6:55 p.m.13 views

CVE-2013-2006

OpenStack Identity Keystone Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the 1 admintoken and 2 LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file...

5.9AI score
Exploits0References9
UbuntuCve
UbuntuCve
added 2013/05/21 6:55 p.m.27 views

CVE-2013-2006

OpenStack Identity Keystone Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the 1 admintoken and 2 LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file...

2.1CVSS5.9AI score0.00602EPSS
Exploits0References3
Cvelist
Cvelist
added 2013/05/21 6:0 p.m.43 views

CVE-2013-2006

OpenStack Identity Keystone Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the 1 admintoken and 2 LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file...

5.8AI score0.00602EPSS
Exploits0References9
CVE
CVE
added 2012/07/03 4:0 p.m.69 views

CVE-2012-2746

CVE-2012-2746 affects 389-ds-base/Red Hat Directory Server prior to 1.2.11.6: when an LDAP user password is changed and audit logging is enabled, the new password is saved to logs in plain text, permitting remote authenticated users to read it. Affected version note appears in multiple advisories...

2.1CVSS6.2AI score0.01329EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder