CVE-2026-45739

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.288.4 through 0.315.3, Strawberry's bundled GraphiQL template wrote values from the GraphiQL headers editor into the browser URL query string. If a user entered a sensitive header, such as Authorization: Bearer , the value...

CVE-2022-42132

The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, whic...

EUVD-2024-39432

Malicious code in bioql PyPI...

CVE-2025-30040 Missing authentication in API returning request logs containing session IDs

The vulnerability allows unauthenticated users to download a file containing session ID data by directly accessing the "/cgi-bin/CliniNET.prd/utils/userlogxls.pl" endpoint...

CVE-2025-30040 Missing authentication in API returning request logs containing session IDs

The vulnerability allows unauthenticated users to download a file containing session ID data by directly accessing the "/cgi-bin/CliniNET.prd/utils/userlogxls.pl" endpoint...

CVE-2024-38308

Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output...

CVE-2024-45091

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs...

PT-2025-2684 · Ibm · Ibm Urbancode Deploy

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy UCD versions 7.0 through 7.0.5.24 IBM UrbanCode Deploy UCD versions 7.1 through 7.1.2.10 IBM UrbanCode Deploy UCD versions 7.2 through 7.2.3.13 Description: The issue concerns the storage of potentially sensitive...

CVE-2024-42196

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs...

CVE-2024-42196

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs...

PT-2024-29791 · Hcl · Hcl Launch

Name of the Vulnerable Software and Affected Versions: HCL Launch affected versions not specified Description: The issue concerns HCL Launch storing potentially sensitive information in log files. This data could be accessed by a local user with permission to read HTTP request logs...

Information Disclosure

Liferay Portal is vulnerable to information disclosure. The vulnerability exists because of including the LDAP credential in the page URL when paginating through the list of users which allows an attacker to access to the request logs to see the LDAP credential...

CVE-2022-42132

The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, whic...

WordPress plugin LOGIN AND REGISTRATION ATTEMPTS LIMIT 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

Smart Mesh Topology Boosts Capacity and Performance

Recently we introduced our advanced architectural topology for ensuring that traffic inspection and request logs are maintained within the region. This capability is especially beneficial to our customers who need to meet certain regional compliance requirements, as is the case in Australia and...

Fedora 13 : boa-0.94.14-0.15.rc21.fc13 (2010-7599)

This update fixes CVE-2009-4496 where HTTP request logs were written without sanitizing non-printable characters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...

Fedora 12 : boa-0.94.14-0.15.rc21.fc12 (2010-7640)

This update fixes CVE-2009-4496 where HTTP request logs were written without sanitizing non-printable characters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...

RedHat 6.2 - Piranha Virtual Server Package Plaintext Password

source: https://www.securityfocus.com/bid/1367/info Password changes submitted to Red Hat Piranha via HTTP are insecurely passed as variables in a GET request. Unauthorized users could obtain the password by reading the httpd access log or by sniffing. ---------from...