51 matches found
EUVD-2023-50414
Malicious code in bioql PyPI...
IBM QRadar SIEM 日志信息泄露漏洞
IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...
CVE-2023-5003
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...
CVE-2023-46171
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408...
CVE-2025-30677
Apache Pulsar contains multiple connectors for integrating with Apache Kafka. The Pulsar IO Apache Kafka Source Connector, Sink Connector, and Kafka Connect Adaptor Sink Connector log sensitive configuration properties in plain text in application logs. This vulnerability can lead to unintended...
CVE-2025-24262
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may be able to access sensitive user data in system logs...
CVE-2025-22960
The CVE-2025-22960 issue affects GatesAir Maxiva UAXT/VAXT transmitters, where the web-based management interface exposes log files at /logs/debug/xteLog* that can reveal session-related data (sess_id, user_check_password OK). Unauthenticated attackers could hijack active sessions and gain unauth...
PT-2024-9206
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions before 2.10.3 Description: The issue is related to the exposure of sensitive configuration variables in task logs. This could allow unauthorized users to access critical data, potentially compromising the security of t...
Synology Drive 日志信息泄露漏洞
Synology Drive is a collaborative office suite from China-based Synology Inc. The product includes document management, collaborative office and file synchronization and backup features. A log information disclosure vulnerability exists in Synology Drive versions prior to 3.3.0-15082, which stems...
CVE-2023-43846
Incorrect access control in logs management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote attackers to get the device logs via HTTP GET request. The logs contain such information as user names and IP addresses used in the infrastructure. This information may help the...
WordPress Plugin Backup and Restore 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
IBM DS8900F HMC 日志信息泄露漏洞
The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. The IBM DS8900F HMC suffers from a log information disclosure vulnerability that can be exploited by an attacker to view sensitive log...
CVE-2023-6383 Debug Log Manager < 2.3.0 - Sensitive Logs Exposure
The Debug Log Manager WordPress plugin before 2.3.0 contains a Directory listing vulnerability was discovered, which allows you to download the debug log without authorization and gain access to sensitive data...
CVE-2023-5003
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...
WordPress plugin Active Directory Integration / LDAP Integration security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability in the WordPress plugin...
AZL-26342 CVE-2023-1786 affecting package cloud-init for versions less than 22.4-3
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
CVE-2022-34452
PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs...
CVE-2022-20458
The logs of sensitive information PII or hardware identifier should only be printed in Android "userdebug" or "eng" build. StatusBarNotification.getKey could contain sensitive information. However, CarNotificationListener.java, it prints out the StatusBarNotification.getKey directly in logs, whic...
IBM Cloud Pak for Security 日志信息泄露漏洞
IBM Cloud Pak for Security is an application from International Business Machines IBM, Inc. an open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster. A log information disclosure vulnerability exists in IBM...
CVE-2021-44862
Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user c...