Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-12 | CVE-2019-3888 | Information Exposure Through Log Files vulnerability in multiple products A vulnerability was found in Undertow web server before 2.0.21. | 9.8 |
| 2019-06-06 | CVE-2019-9929 | Information Exposure Through Log Files vulnerability in Northern Cfengine 3.12.1 Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions. | 8.8 |
| 2019-05-14 | CVE-2019-11336 | Information Exposure Through Log Files vulnerability in Sony Photo Sharing Plus 6.5830 Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886. | 8.1 |
| 2019-05-03 | CVE-2019-6158 | Information Exposure Through Log Files vulnerability in Lenovo Xclarity Administrator An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. | 5.9 |
| 2019-04-26 | CVE-2019-11492 | Information Exposure Through Log Files vulnerability in Projectsend ProjectSend before r1070 writes user passwords to the server logs. | 7.5 |
| 2019-04-24 | CVE-2019-9734 | Information Exposure Through Log Files vulnerability in Aquaverde Aquarius CMS Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file due to an overwriting of configuration parameters under certain circumstances. | 7.5 |
| 2019-04-24 | CVE-2019-9724 | Information Exposure Through Log Files vulnerability in Aquaverde Aquarius CMS aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an error in the Log-File writer component. | 7.5 |
| 2019-04-22 | CVE-2019-6157 | Information Exposure Through Log Files vulnerability in multiple products In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for support. | 7.5 |
| 2019-04-22 | CVE-2015-1343 | Information Exposure Through Log Files vulnerability in Canonical Ubuntu Linux 15.10 All versions of unity-scope-gdrive logs search terms to syslog. | 5.3 |
| 2019-04-15 | CVE-2019-3891 | Information Exposure Through Log Files vulnerability in Redhat Satellite 6.4 It was discovered that a world-readable log file belonging to Candlepin component of Red Hat Satellite 6.4 leaked the credentials of the Candlepin database. | 7.8 |