CVE-2022-50788 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Information Disclosure via Log Directory

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive log files. Attackers can directly browse the /log directory to retrieve system and sensitive information without authentication...

EUVD-2014-2897

Malware in sbrugna...

EUVD-2021-16233

Malware in sbrugna...

EUVD-2019-8042

Malware in sbrugna...

EUVD-2023-31034

Malicious code in bioql PyPI...

EUVD-2023-29597

Malicious code in bioql PyPI...

CVE-2020-29666

In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value...

Ubuntu 16.04 LTS / 18.04 LTS : Mistral vulnerabilities (USN-7465-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7465-1 advisory. It was discovered that Mistral incorrectly handled nested anchors in YAML files. An attacker could possibly use this issue to cause a denial ...

PT-2025-1441 · Ibm · Ibm Cloud Pak System

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak System versions 2.3.3.0 through 2.3.3.7 iFix1 Description: The issue allows an authenticated user to obtain sensitive information from log files. Recommendations: For IBM Cloud Pak System versions 2.3.3.0 through 2.3.3.7 iFix1,...

CVE-2023-27256

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

Authentication flaw

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

CVE-2023-27256 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

Cisco DNA Center Information Disclosure Vulnerability

Cisco Digital Network Architecture Center DNA Center is a set of digital network architecture solutions from the U.S. company Cisco Cisco. The program can extend and protect devices, applications, etc. within the network. An information disclosure vulnerability exists in Cisco DNA Center. The...

CVE-2017-6786

A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive log files. An attacker...

Improper access control

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests...

Trend Micro Virus Control System 1.8 - Information Disclosure

Trend Micro Virus Control System 1.8 - Information Disclosure source: https://www.securityfocus.com/bid/6618/info An information disclosure vulnerability has been reported for TVCS. Reportedly, it is possible for an attacker to access the log files generated by TVCS. The log files contain very...