Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-16 | CVE-2023-40338 | Information Exposure Through Log Files vulnerability in Jenkins Folders Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system. | 4.3 |
| 2023-08-16 | CVE-2023-32491 | Information Exposure Through Log Files vulnerability in Dell Powerscale Onefs 9.5.0.0 Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. | 6.5 |
| 2023-08-11 | CVE-2020-24804 | Information Exposure Through Log Files vulnerability in Cms-Dev CMS 1.4 Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs. | 6.5 |
| 2023-08-11 | CVE-2023-4108 | Information Exposure Through Log Files vulnerability in Mattermost Mattermost fails to sanitize post metadata during audit logging resulting in permalinks contents being logged | 7.5 |
| 2023-08-02 | CVE-2023-36494 | Information Exposure Through Log Files vulnerability in F5 F5Os-A 1.4.0 Audit logs on F5OS-A may contain undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 4.4 |
| 2023-08-01 | CVE-2023-31426 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. | 6.5 |
| 2023-07-26 | CVE-2023-32468 | Information Exposure Through Log Files vulnerability in Dell ECS Streamer Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. | 4.9 |
| 2023-07-26 | CVE-2023-20891 | Information Exposure Through Log Files vulnerability in VMWare products The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF API admin credentials and can push new malicious versions of an application. | 6.5 |
| 2023-07-21 | CVE-2023-32478 | Information Exposure Through Log Files vulnerability in Dell Powerstoreos Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnerability. | 4.9 |
| 2023-07-20 | CVE-2023-32446 | Information Exposure Through Log Files vulnerability in Dell Wyse Thinos 9.4.1141 Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. | 5.5 |