Vulnerabilities > Information Exposure Through Log Files
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-16 | CVE-2023-22649 | Information Exposure Through Log Files vulnerability in Suse Rancher 2.7.0/2.7.1/2.7.4 A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. | 6.5 |
2024-10-14 | CVE-2024-45738 | Information Exposure Through Log Files vulnerability in Splunk In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. | 4.9 |
2024-10-14 | CVE-2024-45739 | Information Exposure Through Log Files vulnerability in Splunk In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. | 4.9 |
2024-10-14 | CVE-2024-38862 | Information Exposure Through Log Files vulnerability in Checkmk 2.1.0/2.2.0 Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators. | 4.4 |
2024-10-09 | CVE-2024-8264 | Information Exposure Through Log Files vulnerability in Fortra Robot Schedule Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled. | 5.5 |
2024-10-08 | CVE-2024-47822 | Information Exposure Through Log Files vulnerability in Monospace Directus Directus is a real-time API and App dashboard for managing SQL database content. | 4.2 |
2024-10-02 | CVE-2024-20490 | Information Exposure Through Log Files vulnerability in Cisco products A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in an internal log that is stored in the tech support file. | 8.6 |
2024-10-02 | CVE-2024-20491 | Information Exposure Through Log Files vulnerability in Cisco products A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file. | 8.6 |
2024-09-27 | CVE-2024-8609 | Information Exposure Through Log Files vulnerability in Oceanicsoft Valeapp Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0. | 7.5 |
2024-09-26 | CVE-2022-49037 | Information Exposure Through Log Files vulnerability in Synology Drive Client Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information via unspecified vectors. | 6.5 |