Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-21492 | Information Exposure Through Log Files vulnerability in Samsung Android 11.0/12.0/13.0 Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | 4.4 |
| 2023-05-04 | CVE-2023-31413 | Information Exposure Through Log Files vulnerability in Elastic Filebeat 8.6.2 Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled. | 3.3 |
| 2023-05-02 | CVE-2023-31207 | Information Exposure Through Log Files vulnerability in Checkmk 2.0.0/2.1.0 Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log. | 5.5 |
| 2023-04-26 | CVE-2023-1786 | Information Exposure Through Log Files vulnerability in multiple products Sensitive data could be exposed in logs of cloud-init before version 23.1.2. | 5.5 |
| 2023-04-24 | CVE-2023-31056 | Information Exposure Through Log Files vulnerability in Cloverdx CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. | 6.5 |
| 2023-04-21 | CVE-2023-30618 | Information Exposure Through Log Files vulnerability in Kitchen-Terraform Project Kitchen-Terraform 7.0.0 Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. | 3.3 |
| 2023-04-19 | CVE-2021-3429 | Information Exposure Through Log Files vulnerability in Canonical Cloud-Init When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. | 5.5 |
| 2023-04-19 | CVE-2022-2084 | Information Exposure Through Log Files vulnerability in Canonical Cloud-Init and Ubuntu Linux Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. | 5.5 |
| 2023-04-19 | CVE-2023-30610 | Information Exposure Through Log Files vulnerability in Amazon Aws-Sigv4 aws-sigv4 is a rust library for low level request signing in the aws cloud platform. | 5.5 |
| 2023-04-18 | CVE-2023-29002 | Information Exposure Through Log Files vulnerability in Cilium Cilium is a networking, observability, and security solution with an eBPF-based dataplane. | 6.3 |