Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-02 | CVE-2022-25477 | Information Exposure Through Log Files vulnerability in Realtek Rtsper and Rtsuer Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR. | 5.5 |
| 2024-06-27 | CVE-2023-30430 | Information Exposure Through Log Files vulnerability in IBM Security Verify Access IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from trace logs. | 5.5 |
| 2024-06-26 | CVE-2024-29177 | Information Exposure Through Log Files vulnerability in Dell Data Domain Operating System Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability. | 2.7 |
| 2024-06-26 | CVE-2024-29954 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. | 5.5 |
| 2024-06-24 | CVE-2024-6104 | Information Exposure Through Log Files vulnerability in Hashicorp Retryablehttp go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. | 5.5 |
| 2024-06-21 | CVE-2022-44587 | Information Exposure Through Log Files vulnerability in Melapress WP 2FA Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP 2FA: from n/a through 2.6.3. | 7.5 |
| 2024-06-16 | CVE-2024-38460 | Information Exposure Through Log Files vulnerability in Sonarsource Sonarqube In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs, etc). | 6.5 |
| 2024-06-12 | CVE-2024-5557 | Information Exposure Through Log Files vulnerability in Schneider-Electric Spacelogic As-B Firmware and Spacelogic As-P Firmware CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause exposure of SNMP credentials when an attacker has access to the controller logs. | 4.5 |
| 2024-06-12 | CVE-2024-5908 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Globalprotect A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. | 7.5 |
| 2024-06-06 | CVE-2024-0912 | Information Exposure Through Log Files vulnerability in Johnsoncontrols Software House C-Cure 9000 Siteserver 3.00.2 Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. | 4.2 |