Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2022-01-17 CVE-2022-22703 Information Exposure Through Log Files vulnerability in Stormshield Network Security 2.0.0/3.0.0
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.
local
low complexity
stormshield CWE-532
2.1
2022-01-14 CVE-2021-44234 Information Exposure Through Log Files vulnerability in SAP Business ONE 10.0
SAP Business One - version 10.0, extended log stores information that can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
local
low complexity
sap CWE-532
2.1
2022-01-14 CVE-2021-39032 Information Exposure Through Log Files vulnerability in IBM Sterling Gentran 5.3
IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm CWE-532
2.1
2022-01-12 CVE-2021-45449 Information Exposure Through Log Files vulnerability in Docker Desktop 4.3.0/4.3.1
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machine during login.
local
low complexity
docker CWE-532
2.1
2022-01-11 CVE-2021-45034 Information Exposure Through Log Files vulnerability in Siemens products
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20).
network
siemens CWE-532
4.3
2022-01-04 CVE-2021-34797 Information Exposure Through Log Files vulnerability in Apache Geode
Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix "sysprop-", "javax.net.ssl", or "security-".
network
low complexity
apache CWE-532
5.0
2021-12-15 CVE-2021-0991 Information Exposure Through Log Files vulnerability in Google Android 12.0
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure.
low complexity
google CWE-532
2.7
2021-12-15 CVE-2021-0997 Information Exposure Through Log Files vulnerability in Google Android 12.0
In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN disclosure due to log information disclosure.
local
low complexity
google CWE-532
2.1
2021-12-09 CVE-2021-37861 Information Exposure Through Log Files vulnerability in Mattermost
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when user creation fails.
network
low complexity
mattermost CWE-532
5.0
2021-12-08 CVE-2021-36718 Information Exposure Through Log Files vulnerability in Synel Eharmonynew and Synel Reports
SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data (Employee name, Employee ID number, Working hours etc') The vulnerabilety has been addressed and fixed on version 11.
network
low complexity
synel CWE-532
6.8