Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-18 | CVE-2023-4413 | Information Exposure Through Log Files vulnerability in Rootkit Hunter Project Rootkit Hunter 1.4.4/1.4.6 ** DISPUTED ** A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. | 2.5 |
| 2023-08-16 | CVE-2023-40338 | Information Exposure Through Log Files vulnerability in Jenkins Folders Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system. | 4.3 |
| 2023-08-11 | CVE-2020-24804 | Information Exposure Through Log Files vulnerability in Cms-Dev CMS 1.4 Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs. | 6.5 |
| 2023-08-11 | CVE-2023-4108 | Information Exposure Through Log Files vulnerability in Mattermost Mattermost fails to sanitize post metadata during audit logging resulting in permalinks contents being logged | 7.5 |
| 2023-08-02 | CVE-2023-36494 | Information Exposure Through Log Files vulnerability in F5 F5Os-A 1.4.0 Audit logs on F5OS-A may contain undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 4.4 |
| 2023-08-01 | CVE-2023-31426 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. | 6.5 |
| 2023-07-26 | CVE-2023-20891 | Information Exposure Through Log Files vulnerability in VMWare products The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF API admin credentials and can push new malicious versions of an application. | 6.5 |
| 2023-07-20 | CVE-2023-32446 | Information Exposure Through Log Files vulnerability in Dell Wyse Thinos 9.4.1141 Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. | 5.5 |
| 2023-07-20 | CVE-2023-32447 | Information Exposure Through Log Files vulnerability in Dell Wyse Thinos Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. | 5.5 |
| 2023-07-20 | CVE-2023-32455 | Information Exposure Through Log Files vulnerability in Dell Wyse Thinos Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. | 5.5 |