76 matches found
CVE-2024-0946
creationtimestamp| type| source ---|---|--- 2024-01-26 22:32:06+00:00| seen| https://t.me/ctinow/174507 2024-02-19 19:56:53+00:00| seen| https://t.me/ctinow/187890...
CVE-2023-41072
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data...
CVE-2022-30351
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to...
CVE-2022-30351
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to...
CVE-2022-30350
Avanquest Software RAD PDF PDFEscape Online 3.19.2.2 is vulnerable to Information Leak / Disclosure. The PDFEscape Online tool provides users with a "white out" functionality for redacting images, text, and other graphics from a PDF document. However, this mechanism does not remove underlying tex...
Information disclosure
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to...
PT-2023-13007 Β· PdfzorroΒ +1 Β· PdfzorroΒ +1
Name of the Vulnerable Software and Affected Versions: PDFZorro PDFZorro Online version r20220428 TCPDF version 6.2.5 Description: The issue arises from the improper sanitization of redacted information in PDF files. Despite claims of correctly removing redacted data, the software fails to do so ...
CVE-2022-30351
The CVE-2022-30351 issue concerns PDFZorro Online r20220428 (and TCPDF 6.2.5). The root cause is improper sanitization of redacted content, allowing redacted text and embedded images to leak in some cases. When PDF text objects exist, copied redacted data can be pasted from the clipboard, and onc...
CVE-2022-30351
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to...
GHSA-8VG2-WF3Q-MWV7 directus vulnerable to Insertion of Sensitive Information into Log File
Summary CWE-532: Insertion of Sensitive Information into Log File discovered in v9.23.1. The directusrefreshtoken is not redacted properly from the log outputs and can be used to impersonate users without their permission. Details Using v9.23.1, I am seeing that the directusrefreshtoken is not...
Google Pixel: Cropped or edited images can be recovered
Most of us have a camera on us at all times, and so photo taking and image sharing has become almost ubiquitous. But when sharing an image, you want to have control over what you share. And that might lead you to crop images, or redact parts of them. Maybe you cropped out a person that didn't wan...
Web log client "login unsuccessful" using nsroot
C:\NSWL\binnswl -start -f c:\nswl\etc\log.conf Debug log file is ./nswl.log-130620221156 & Log level is 1 NetScaler weblogging configuration file c:\nswl\etc\log.conf is correct Login unsuccessful nspe=redacted IP:user=nsroot!!!...
Potential uint underflow
Lines of code Vulnerability details Impact Potential underflow if shares is greater than totalSupply Proof of Concept Tools Used Manual review Recommended Mitigation Steps Before the following line, check if totalSupply is greater or equal to shares --- The text was updated successfully, but thes...
Redacted Documents Are Not as Secure as You Think
Popular redaction tools donβt always work as promised, and new attacks can reveal hidden information, researchers say...
CVE-2022-39292 Exposure of sensitive Slack webhook URLs in debug logs and traces
Slack Morphism is a modern client library for Slack Web/Events API/Socket Mode and Block Kit. Debug logs expose sensitive URLs for Slack webhooks that contain private information. The problem is fixed in version 1.3.2 which redacts sensitive URLs for webhooks. As a workaround, people who use Slac...
Jenkins Support Core Plugin stores sensitive data in plain text
Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle. Support Core Plugin 2.79.1 adds a list of keywords whose associated values are redacted...
More Military Cryptanalytics, Part III
Late last year, the NSA declassified and released a redacted version of Lambros D. Callimahoss Military Cryptanalytics, Part III. We just got most of the index. Its hard to believe that there are any real secrets left in this 44-year-old volume...
HackerOne: PII data Leakage through hackerone reports
Summary: I found PII data leakage through the HackerOne report. I found a link in one of the disclosed report that allow me to get the address and phone numbers of security researchers. Here I got the address and phone number of ββββ βββ Vulnerability Name: PII data Leakage through Steps to...
CVE-2021-22184
An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted...
Information disclosure
An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted...