Lucene search
K

49 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:30 a.m.8 views

CVE-2013-3273

EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by reading the trace log file...

2.1CVSS6.3AI score0.00336EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/08/28 12:34 p.m.5 views

kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation In case the firmware sends a notification that claims it has more data than it has, we will read past that was allocated for the notification. Remove the print of the...

5.5CVSS6.8AI score0.00265EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/04/19 5:18 p.m.9 views

CVE-2023-30610 AWS SDK for Rust will log AWS credentials when TRACE-level logging is enabled for request sending

aws-sigv4 is a rust library for low level request signing in the aws cloud platform. The awssigv4::SigningParams struct had a derived Debug implementation. When debug-formatted, it would include a user's AWS access key, AWS secret key, and security token in plaintext. When TRACE-level logging is...

5.5CVSS5.5AI score0.00216EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.2 views

PT-2023-3900 · Amazon · Aws-Sigv4

Name of the Vulnerable Software and Affected Versions: aws-sigv4 versions prior to 0.55.1 aws-sigv4 version 0.54.2 aws-sigv4 version 0.53.2 aws-sigv4 version 0.52.1 aws-sigv4 version 0.51.1 aws-sigv4 version 0.50.1 aws-sigv4 version 0.49.1 aws-sigv4 version 0.48.1 aws-sigv4 version 0.47.1 aws-sig...

5.5CVSS7.2AI score0.00216EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:33 a.m.30 views

SUSE CVE-2018-3827

A sensitive data disclosure flaw was found in the Elasticsearch repository-azure formerly elasticsearch-cloud-azure plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged...

8.1CVSS6.5AI score0.01014EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.3 views

SUSE CVE-2020-11019

In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOGTRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0...

4.3CVSS6.4AI score0.02537EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.10 views

SUSE CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate this...

5.3CVSS7AI score0.58716EPSS
Exploits2References12
Kitploit
Kitploit
added 2021/11/07 11:30 a.m.48 views

Etl-Parser - Event Trace Log File Parser In Pure Python

Event Trace Log file reader in pure Python etl-parser is a pure Python 3 parser library for ETL Windows log files. ETL is the default format for ETW as well as the default format for the Kernel logger. etl-parser has no system dependencies, and will work well on both Windows and Linux. Since this...

6.8AI score
Exploits0References1
OSV
OSV
added 2021/06/09 4:15 p.m.3 views

CVE-2020-15380

Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level...

7.5CVSS5.8AI score0.00986EPSS
Exploits0References1
Prion
Prion
added 2021/06/09 4:15 p.m.14 views

Design/Logic Flaw

Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level...

5CVSS7.6AI score0.00986EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/09 3:15 p.m.30 views

CVE-2020-15380

Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level...

7.6AI score0.00986EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/05/18 2:25 p.m.5 views

httpd: mod_http2 concurrent pool usage

A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by modhttp2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability...

7.5CVSS6.6AI score0.58716EPSS
Exploits2References5
Broadcom
Broadcom
added 2021/05/10 12:0 a.m.32 views

BSA-2021-1482

Security Advisory ID : BSA-2021-1482 Component : Logging Revision : 1.0 Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. Affected Products Brocade SANnav versions before SANnav 2.1.1...

7.5CVSS7.6AI score0.00986EPSS
Exploits0
OSV
OSV
added 2020/08/07 4:15 p.m.6 views

ALPINE-CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate this...

7.5CVSS7AI score0.58716EPSS
Exploits2References1
OSV
OSV
added 2019/11/08 6:15 p.m.3 views

CVE-2019-16206

The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information...

5.5CVSS6.1AI score0.00203EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/06 12:0 a.m.3 views

IBM Spectrum Protect Server Information Disclosure Vulnerability

IBM Spectrum Protect Server is a suite of data protection platforms from IBM in the United States that provide organizations with a single point of control and management and support for backup and recovery of virtual, physical and cloud environments of all sizes. A security vulnerability exists ...

4.4CVSS4.3AI score0.00388EPSS
Exploits0References1
OSV
OSV
added 2018/09/19 7:29 p.m.5 views

CVE-2018-3827

A sensitive data disclosure flaw was found in the Elasticsearch repository-azure formerly elasticsearch-cloud-azure plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged...

8.1CVSS5.7AI score0.01014EPSS
Exploits0References2
NVD
NVD
added 2017/09/19 5:29 p.m.19 views

CVE-2015-1849

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform EAP before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled...

5.9CVSS5.5AI score0.01716EPSS
Exploits1References4
Prion
Prion
added 2017/09/19 5:29 p.m.20 views

Cross site scripting

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform EAP before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled...

4.3CVSS6.6AI score0.01716EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2017/09/19 5:0 p.m.22 views

CVE-2015-1849

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform EAP before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled...

5.5AI score0.01716EPSS
Exploits1References4
Rows per page
Query Builder