Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-25002 Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.
low complexity
CWE-532
6.8
6.8
2025-03-29 CVE-2024-7577 IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product.
network
high complexity
CWE-532
4.4
4.4
2025-03-27 CVE-2025-1998 IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user.
local
low complexity
CWE-532
5.5
5.5
2025-03-27 CVE-2025-0273 Information Exposure Through Log Files vulnerability in Hcltechsw HCL Devops Deploy and HCL Launch
HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.
local
low complexity
hcltechsw CWE-532
5.5
5.5
2025-03-26 CVE-2025-20231 In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information.<br><br>The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser.
network
high complexity
CWE-532
7.1
7.1
2025-03-11 CVE-2025-24984 Information Exposure Through Log Files vulnerability in Microsoft products
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
low complexity
microsoft CWE-532
4.6
4.6
2025-03-11 CVE-2025-0071 SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative privileges to enable debugging trace mode with a specific parameter value.
network
low complexity
CWE-532
4.9
4.9
2025-02-22 CVE-2024-45674 IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
CWE-532
3.3
3.3
2025-02-21 CVE-2024-13818 Information Exposure Through Log Files vulnerability in Genetechsolutions PIE Register
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3.9 through publicly exposed log files.
network
low complexity
genetechsolutions CWE-532
7.5
7.5
2025-02-06 CVE-2024-57957 Information Exposure Through Log Files vulnerability in Huawei Harmonyos 5.0.0
Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
network
low complexity
huawei CWE-532
7.5
7.5