Lucene search
K

51 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-50414

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00364EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/19 12:0 a.m.9 views

IBM QRadar SIEM 日志信息泄露漏洞

IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...

6.2CVSS5.5AI score0.00153EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:28 a.m.8 views

CVE-2023-5003

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...

7.5CVSS6.8AI score0.25855EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/23 3:54 a.m.12 views

CVE-2023-46171

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408...

4.3CVSS5.8AI score0.00364EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 12:15 p.m.29 views

CVE-2025-30677

Apache Pulsar contains multiple connectors for integrating with Apache Kafka. The Pulsar IO Apache Kafka Source Connector, Sink Connector, and Kafka Connect Adaptor Sink Connector log sensitive configuration properties in plain text in application logs. This vulnerability can lead to unintended...

6.5CVSS0.00607EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/31 10:24 p.m.16 views

CVE-2025-24262

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may be able to access sensitive user data in system logs...

0.00245EPSS
Exploits0References1
CVE
CVE
added 2025/02/13 12:0 a.m.202 views

CVE-2025-22960

The CVE-2025-22960 issue affects GatesAir Maxiva UAXT/VAXT transmitters, where the web-based management interface exposes log files at /logs/debug/xteLog* that can reveal session-related data (sess_id, user_check_password OK). Unauthenticated attackers could hijack active sessions and gain unauth...

8CVSS6.7AI score0.00388EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.5 views

PT-2024-9206

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions before 2.10.3 Description: The issue is related to the exposure of sensitive configuration variables in task logs. This could allow unauthorized users to access critical data, potentially compromising the security of t...

7.8CVSS7.1AI score0.01295EPSS
Exploits0References30
CNNVD
CNNVD
added 2024/09/26 12:0 a.m.7 views

Synology Drive 日志信息泄露漏洞

Synology Drive is a collaborative office suite from China-based Synology Inc. The product includes document management, collaborative office and file synchronization and backup features. A log information disclosure vulnerability exists in Synology Drive versions prior to 3.3.0-15082, which stems...

6.5CVSS6.2AI score0.00547EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/28 6:18 p.m.10 views

CVE-2023-43846

Incorrect access control in logs management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote attackers to get the device logs via HTTP GET request. The logs contain such information as user names and IP addresses used in the infrastructure. This information may help the...

6.8AI score0.00581EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.7 views

WordPress Plugin Backup and Restore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.3CVSS6.2AI score0.00565EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/03/07 12:0 a.m.5 views

IBM DS8900F HMC 日志信息泄露漏洞

The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. The IBM DS8900F HMC suffers from a log information disclosure vulnerability that can be exploited by an attacker to view sensitive log...

4.3CVSS6AI score0.00364EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/08 7:0 p.m.29 views

CVE-2023-6383 Debug Log Manager < 2.3.0 - Sensitive Logs Exposure

The Debug Log Manager WordPress plugin before 2.3.0 contains a Directory listing vulnerability was discovered, which allows you to download the debug log without authorization and gain access to sensitive data...

7.8AI score0.00647EPSS
Exploits2References1
NVD
NVD
added 2023/10/16 8:15 p.m.51 views

CVE-2023-5003

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...

7.5CVSS7.6AI score0.25855EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/10/16 12:0 a.m.5 views

WordPress plugin Active Directory Integration / LDAP Integration security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability in the WordPress plugin...

7.5CVSS6.8AI score0.25855EPSS
Exploits2References2
OSV
OSV
added 2023/04/26 11:15 p.m.12 views

AZL-26342 CVE-2023-1786 affecting package cloud-init for versions less than 22.4-3

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...

5.5CVSS6.8AI score0.00263EPSS
Exploits0References1
OSV
OSV
added 2023/02/10 10:15 a.m.4 views

CVE-2022-34452

PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs...

2.7CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2023/01/26 9:15 p.m.6 views

CVE-2022-20458

The logs of sensitive information PII or hardware identifier should only be printed in Android "userdebug" or "eng" build. StatusBarNotification.getKey could contain sensitive information. However, CarNotificationListener.java, it prints out the StatusBarNotification.getKey directly in logs, whic...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.4 views

IBM Cloud Pak for Security 日志信息泄露漏洞

IBM Cloud Pak for Security is an application from International Business Machines IBM, Inc. an open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster. A log information disclosure vulnerability exists in IBM...

4.9CVSS5.3AI score0.00585EPSS
Exploits0References3
OSV
OSV
added 2022/11/03 8:15 p.m.6 views

CVE-2021-44862

Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user c...

7.8CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder