13 matches found
CVE-2025-11910
CVE-2025-11910 affects Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The vulnerability lies in the function Query of the file /MemoryState.do?Action=Query, where manipulating the argument orderField enables a SQL injection. The issue is exploitable remotely, and public exploit information h...
CVE-2024-52067
CVE-2024-52067 affects Apache NiFi 1.16.0–1.28.0 and 2.0.0-M1–2.0.0-M4. The issue is optional debug logging of Parameter Context values during flow synchronization, which an authorized admin could enable to write parameter names and values to logs. Deployments with the default Logback config do n...
K02705117: The BIG-IP ASM system may fail to properly mask the value of a configured sensitive parameter in the request event log
Security Advisory Description: When you configure a sensitive parameter for a security policy, the BIG-IP ASM system may fail to properly mask the value in the request log. This issue occurs when all of the following conditions are met: You enabled the Cross-Site Request Forgery (CSRF) Protection...
K86285055: The BIG-IP ASM system may fail to mask sensitive parameter for an Allowed URL in the Referrer header and logs
Security Advisory Description: The BIG-IP ASM system may fail to mask a sensitive parameter for an Allowed URL. This issue occurs when all of the following conditions are met: You configured an Allowed HTTP URL enabled with the following settings in a security policy: Check Flows to this URL URL i...
K33572148: The BIG-IP ASM system may fail to mask a configured sensitive parameter in the Referer header value
Security Advisory Description: The BIG-IP ASM system may fail to mask a configured sensitive parameter in the Referer header value. This issue occurs when all of the following conditions are met: You configured a sensitive parameter located in Security Application Security Parameters Sensitive...
Information Disclosure
bolt is vulnerable to information disclosure. The vulnerability exists in the startplan function in connection.rb due to submitting sensitive parameter values to the orchestrator service when running plans over the PCP transport which allows an attacker to gain access to sensitive information...
CVE-2022-2394 Sensitive Parameter Exposure in Puppet Bolt prior to 3.24
Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run, resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise...
GHSA-W4FJ-CCR6-7PCP Apache NiFi Insertion of Sensitive Information into Log File
An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present...
Apache NiFi Insertion of Sensitive Information into Log File
An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present...
CVE-2020-1928
An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present...
CVE-2020-1928
An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present...
Information disclosure
An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present...
JetBrains Security Bulletin Q4 2018
By Robert Demmer. We have resolved a series of security issues in our products in the fourth quarter of 2018. Here’s a report summary with descriptions of each issue and the version in which they were resolved. Product | Description | Severity |...