Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2022-0010 | Information Exposure Through Log Files vulnerability in ABB products Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. | 5.5 |
| 2023-05-16 | CVE-2023-33001 | Information Exposure Through Log Files vulnerability in Jenkins Hashicorp Vault Jenkins HashiCorp Vault Plugin 360.v0a_1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 |
| 2023-05-12 | CVE-2023-2514 | Information Exposure Through Log Files vulnerability in Mattermost Mattermost Sever fails to redact the DB username and password before emitting an application log during server initialization. | 7.5 |
| 2023-05-10 | CVE-2023-22447 | Information Exposure Through Log Files vulnerability in Intel Open Cache Acceleration Software Insertion of sensitive information into log file in the Open CAS software for Linux maintained by Intel before version 22.6.2 may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
| 2023-05-04 | CVE-2023-21492 | Information Exposure Through Log Files vulnerability in Samsung Android 11.0/12.0/13.0 Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | 4.4 |
| 2023-05-04 | CVE-2023-31413 | Information Exposure Through Log Files vulnerability in Elastic Filebeat 8.6.2 Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled. | 3.3 |
| 2023-05-02 | CVE-2023-31207 | Information Exposure Through Log Files vulnerability in Checkmk 2.0.0/2.1.0 Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log. | 5.5 |
| 2023-04-26 | CVE-2023-1786 | Information Exposure Through Log Files vulnerability in multiple products Sensitive data could be exposed in logs of cloud-init before version 23.1.2. | 5.5 |
| 2023-04-24 | CVE-2023-31056 | Information Exposure Through Log Files vulnerability in Cloverdx CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. | 6.5 |
| 2023-04-19 | CVE-2021-3429 | Information Exposure Through Log Files vulnerability in Canonical Cloud-Init When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. | 5.5 |