Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2018-10-03 CVE-2018-16049 Information Exposure Through Log Files vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2.
network
low complexity
gitlab CWE-532
critical
9.8
2018-09-26 CVE-2018-1768 Information Exposure Through Log Files vulnerability in IBM Spectrum Protect Plus 10.1.0/10.1.1
IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an authorized user executes a test operation, the user id an password may be displayed in plain text within an instrumentation log file.
local
low complexity
ibm CWE-532
7.8
2018-09-19 CVE-2018-3828 Information Exposure Through Log Files vulnerability in Elastic Cloud Enterprise
Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability.
network
high complexity
elastic CWE-532
7.5
2018-09-19 CVE-2018-3827 Information Exposure Through Log Files vulnerability in Elastic Azure Repository
A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin.
network
high complexity
elastic CWE-532
8.1
2018-09-17 CVE-2018-1223 Information Exposure Through Log Files vulnerability in Pivotal Cloud Foundry Container Runtime
Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and vCenter credentials to application logs.
network
low complexity
pivotal CWE-532
8.8
2018-09-17 CVE-2018-1198 Information Exposure Through Log Files vulnerability in Pivotal Software Pivotal Cloud Cache
Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser password in plain text during BOSH deployment logs.
network
low complexity
pivotal-software CWE-532
8.8
2018-08-29 CVE-2018-6599 Information Exposure Through Log Files vulnerability in Orbic Wonder Rc555L Firmware 7.1/7.1.2
An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices, allowing attackers to obtain sensitive information (such as text-message content) by reading a copy of the Android log on the SD card.
local
low complexity
orbic CWE-532
5.5
2018-08-12 CVE-2018-3776 Information Exposure Through Log Files vulnerability in Nextcloud Server
Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.
network
low complexity
nextcloud CWE-532
5.3
2018-08-10 CVE-2018-7754 Information Exposure Through Log Files vulnerability in Linux Kernel
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
local
low complexity
linux CWE-532
5.5
2018-08-01 CVE-2018-1999036 Information Exposure Through Log Files vulnerability in Jenkins SSH Agent
An exposure of sensitive information vulnerability exists in Jenkins SSH Agent Plugin 1.15 and earlier in SSHAgentStepExecution.java that exposes the SSH private key password to users with permission to read the build log.
network
low complexity
jenkins CWE-532
6.5