Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2025-05-28 CVE-2025-46777 Information Exposure Through Log Files vulnerability in Fortinet Fortiportal 7.4.0
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log.
network
low complexity
fortinet CWE-532
2.7
2.7
2025-04-29 CVE-2025-46329 Information Exposure Through Log Files vulnerability in Snowflake Connector for C/C++
libsnowflakeclient is the Snowflake Connector for C/C++.
local
low complexity
snowflake CWE-532
3.3
3.3
2025-04-25 CVE-2025-46432 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs
network
low complexity
jetbrains CWE-532
6.5
6.5
2025-04-08 CVE-2025-25002 Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.
low complexity
CWE-532
6.8
6.8
2025-03-29 CVE-2024-7577 IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product.
network
high complexity
CWE-532
4.4
4.4
2025-03-27 CVE-2025-1998 IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user.
local
low complexity
CWE-532
5.5
5.5
2025-03-27 CVE-2025-31139 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
network
low complexity
jetbrains CWE-532
6.5
6.5
2025-03-27 CVE-2025-0273 Information Exposure Through Log Files vulnerability in Hcltechsw HCL Devops Deploy and HCL Launch
HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.
local
low complexity
hcltechsw CWE-532
5.5
5.5
2025-03-26 CVE-2025-20231 In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information.<br><br>The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser.
network
high complexity
CWE-532
7.1
7.1
2025-03-11 CVE-2025-24984 Information Exposure Through Log Files vulnerability in Microsoft products
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
low complexity
microsoft CWE-532
4.6
4.6