Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2022-46647 | Information Exposure Through Log Files vulnerability in Intel Unison Software Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-11-14 | CVE-2023-32283 | Information Exposure Through Log Files vulnerability in Intel on Demand 1.16.1.1/2.1.0.1/3.0.1.3 Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-11-14 | CVE-2023-45585 | Information Exposure Through Log Files vulnerability in Fortinet Fortisiem An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, version 5.3.3 and below may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage. | 3.3 |
| 2023-11-11 | CVE-2023-47390 | Information Exposure Through Log Files vulnerability in Juanfont Headscale Headscale through 0.22.3 writes bearer tokens to info-level logs. | 7.5 |
| 2023-11-07 | CVE-2023-0436 | Information Exposure Through Log Files vulnerability in Mongodb Atlas Kubernetes Operator The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled. | 7.5 |
| 2023-10-31 | CVE-2023-46255 | Information Exposure Through Log Files vulnerability in Authzed Spicedb SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. | 6.5 |
| 2023-10-30 | CVE-2023-21387 | Information Exposure Through Log Files vulnerability in Google Android In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure. | 4.4 |
| 2023-10-28 | CVE-2023-46215 | Information Exposure Through Log Files vulnerability in Apache Airflow and Airflow Celery Provider Insertion of Sensitive Information into Log File vulnerability in Apache Airflow Celery provider, Apache Airflow. Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend Note: the vulnerability is about the information exposed in the logs not about accessing the logs. This issue affects Apache Airflow Celery provider: from 3.3.0 through 3.4.0; Apache Airflow: from 1.10.0 through 2.6.3. Users are recommended to upgrade Airflow Celery provider to version 3.4.1 and Apache Airlfow to version 2.7.0 which fixes the issue. | 7.5 |
| 2023-10-26 | CVE-2023-31417 | Information Exposure Through Log Files vulnerability in Elastic Elasticsearch Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. | 4.4 |
| 2023-10-26 | CVE-2023-31422 | Information Exposure Through Log Files vulnerability in Elastic Kibana 8.10.0 An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error. | 7.5 |