Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2023-22447 | Information Exposure Through Log Files vulnerability in Intel Open Cache Acceleration Software Insertion of sensitive information into log file in the Open CAS software for Linux maintained by Intel before version 22.6.2 may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
| 2023-05-04 | CVE-2023-21492 | Information Exposure Through Log Files vulnerability in Samsung Android 11.0/12.0/13.0 Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | 4.4 |
| 2023-05-04 | CVE-2023-31413 | Information Exposure Through Log Files vulnerability in Elastic Filebeat 8.6.2 Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled. | 3.3 |
| 2023-05-02 | CVE-2023-31207 | Information Exposure Through Log Files vulnerability in Checkmk 2.0.0/2.1.0 Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log. | 5.5 |
| 2023-04-26 | CVE-2023-1786 | Information Exposure Through Log Files vulnerability in multiple products Sensitive data could be exposed in logs of cloud-init before version 23.1.2. | 5.5 |
| 2023-04-24 | CVE-2023-31056 | Information Exposure Through Log Files vulnerability in Cloverdx CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. | 6.5 |
| 2023-04-19 | CVE-2021-3429 | Information Exposure Through Log Files vulnerability in Canonical Cloud-Init When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. | 5.5 |
| 2023-04-19 | CVE-2022-2084 | Information Exposure Through Log Files vulnerability in Canonical Cloud-Init and Ubuntu Linux Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. | 5.5 |
| 2023-04-04 | CVE-2022-48228 | Information Exposure Through Log Files vulnerability in Gbgplc Acuant Asureid Sentinel An issue was discovered in Acuant AsureID Sentinel before 5.2.149. | 5.5 |
| 2023-04-03 | CVE-2022-43772 | Information Exposure Through Log Files vulnerability in Hitachi Vantara Pentaho Business Analytics Server Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the username and password of clusters in clear text into system logs. | 6.5 |