Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-07 | CVE-2024-40596 | Information Exposure Through Log Files vulnerability in Mediawiki An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. | 4.3 |
| 2024-07-07 | CVE-2024-40598 | Information Exposure Through Log Files vulnerability in Mediawiki An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. | 4.3 |
| 2024-07-02 | CVE-2022-25477 | Information Exposure Through Log Files vulnerability in Realtek Rtsper and Rtsuer Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR. | 5.5 |
| 2024-06-26 | CVE-2024-28830 | Information Exposure Through Log Files vulnerability in Checkmk Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2.2.0p28, <2.1.0p45 and <=2.0.0p39 (EOL) causes automation user secrets to be written to audit log files accessible to administrators. | 2.7 |
| 2024-06-26 | CVE-2024-29954 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. | 5.5 |
| 2024-06-24 | CVE-2024-6104 | Information Exposure Through Log Files vulnerability in Hashicorp Retryablehttp go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. | 5.5 |
| 2024-06-16 | CVE-2024-38460 | Information Exposure Through Log Files vulnerability in Sonarsource Sonarqube In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs, etc). | 6.5 |
| 2024-06-12 | CVE-2024-5908 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Globalprotect A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. | 7.5 |
| 2024-06-06 | CVE-2024-0912 | Information Exposure Through Log Files vulnerability in Johnsoncontrols Software House C-Cure 9000 Siteserver 3.00.2 Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. | 4.2 |
| 2024-03-27 | CVE-2024-29945 | Information Exposure Through Log Files vulnerability in Splunk In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. | 7.2 |