Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2024-23760 Information Exposure Through Log Files vulnerability in Gambio 4.9.2.0
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot.
network
low complexity
gambio CWE-532
2.7
2024-02-08 CVE-2023-47131 Information Exposure Through Log Files vulnerability in N-Able Passportal
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file.
network
low complexity
n-able CWE-532
7.5
2024-02-08 CVE-2024-22464 Information Exposure Through Log Files vulnerability in Dell EMC Appsync
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs.
network
low complexity
dell CWE-532
6.8
2024-02-07 CVE-2024-23448 Information Exposure Through Log Files vulnerability in Elastic APM Server
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document.
network
low complexity
elastic CWE-532
7.5
2024-02-06 CVE-2024-24939 Information Exposure Through Log Files vulnerability in Jetbrains Rider
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible
network
low complexity
jetbrains CWE-532
5.3
2024-02-01 CVE-2024-0935 Information Exposure Through Log Files vulnerability in 3DS Delmia Apriso 2019/2022/2024
Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024
network
low complexity
3ds CWE-532
7.5
2024-02-01 CVE-2024-0831 Information Exposure Through Log Files vulnerability in Hashicorp Vault 1.15.0/1.15.2
Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`.
network
low complexity
hashicorp CWE-532
6.5
2024-01-30 CVE-2023-46230 Information Exposure Through Log Files vulnerability in Splunk Add-On Builder 4.1.0/4.1.1/4.1.2
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.
network
low complexity
splunk CWE-532
4.9
2024-01-30 CVE-2023-46231 Information Exposure Through Log Files vulnerability in Splunk Add-On Builder 4.1.0/4.1.1/4.1.2
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.
network
low complexity
splunk CWE-532
7.2
2024-01-30 CVE-2024-23840 Information Exposure Through Log Files vulnerability in Goreleaser 1.23.0
GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository.
local
low complexity
goreleaser CWE-532
5.5