EUVD-2026-31438

Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure. This issue affects Avantra: before 25.3.0...

CVE-2026-0936

An Insertion of Sensitive Information into Log File vulnerability in B PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is disable...

CVE-2025-59003

Insertion of Sensitive Information Into Sent Data vulnerability in inkthemescom ColorWay colorway allows Retrieve Embedded Sensitive Data.This issue affects ColorWay: from n/a through = 4.2.3...

PT-2025-54345

Name of the Vulnerable Software and Affected Versions Vladimir Statsenko Terms descriptions versions through 3.4.9 Description A flaw exists in Vladimir Statsenko Terms descriptions that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data...

PT-2025-54357

Name of the Vulnerable Software and Affected Versions Efí Bank Gerencianet Oficial versions through 3.1.3 Description An issue exists in Efí Bank Gerencianet Oficial that allows retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations Upda...

WordPress Blockspare plugin sensitive information insertion vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Blockspare plugin suffers from a sensitive information insertion vulnerability that originates from inserting sensitive information in sent data, which can be...

WordPress plugin Blockspare 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Blockspare plugin suffers from a sensitive information insertion vulnerability that originates from inserting sensitive information in sent data, which can be...

EUVD-2025-24228

Malicious code in bioql PyPI...

EUVD-2025-25329

Malicious code in bioql PyPI...

PT-2025-39572

Name of the Vulnerable Software and Affected Versions Themelooks FoodBook versions through 4.7.1 Description An issue exists in Themelooks FoodBook that allows for the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update to a versio...

WordPress <= 6.8.2 Multiple Vulnerabilities (Sep 2025) - Windows

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

CVE-2025-53988

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Retrieve Embedded Sensitive Data.This issue affects JetBlocks For Elementor: from n/a through = 1.3.18...

CVE-2025-53992 WordPress JetTricks <= 1.5.4.1 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTricks jet-tricks allows Retrieve Embedded Sensitive Data.This issue affects JetTricks: from n/a through = 1.5.4.1...

PT-2025-32630

Name of the Vulnerable Software and Affected Versions: GiveWP versions prior to 4.6.1 Description: GiveWP contains a flaw related to the insertion of sensitive information into sent data, allowing retrieval of embedded sensitive data. Recommendations: Update GiveWP to version 4.6.1 or later...

Security Bulletin: IBM Storage Ceph is vulnerable to the Insertion of Sensitive Information Into Sent Data in the RHEL UBI (CVE-2023-46218)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-46218. Vulnerability Details CVEID:CVE-2023-46218 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...

CVE-2024-31200

A “CWE-201: Insertion of Sensitive Information Into Sent Data” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext when an administrative session is open in the browser...

CVE-2024-31404

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...

CVE-2024-31247

Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Drupal to WordPress.This issue affects FG Drupal to WordPress: from n/a through 3.70.3...

CVE-2023-46668 Elastic Endpoint Insertion of Sensitive Information into Log File

If Elastic Endpoint v7.9.0 - v8.10.3 is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in...

Design/Logic Flaw

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...