Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-22 | CVE-2018-19863 | Information Exposure Through Log Files vulnerability in Agilebits 1Password 7.2.3 An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. | 5.5 |
| 2018-12-05 | CVE-2018-15797 | Information Exposure Through Log Files vulnerability in Pivotal Software Cloud Foundry NFS Volume Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7.3, logs the cf admin username and password when running the nfsbrokerpush BOSH deploy errand. | 8.8 |
| 2018-12-05 | CVE-2018-19865 | Information Exposure Through Log Files vulnerability in multiple products A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3. | 7.5 |
| 2018-12-05 | CVE-2018-19786 | Information Exposure Through Log Files vulnerability in Hashicorp Vault HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported. | 8.1 |
| 2018-12-03 | CVE-2018-14700 | Information Exposure Through Log Files vulnerability in Drobo 5N2 Firmware 4.0.513.28.96115 Incorrect access control in the /mysql/api/logfile.php endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve MySQL log files via the "name" URL parameter. | 7.5 |
| 2018-11-29 | CVE-2018-16859 | Information Exposure Through Log Files vulnerability in Redhat Ansible Engine Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. | 4.4 |
| 2018-11-27 | CVE-2018-16095 | Information Exposure Through Log Files vulnerability in Lenovo System Management Module Firmware 1.05 In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a debug log when user authentication fails. | 5.9 |
| 2018-11-02 | CVE-2018-1876 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0 IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. | 5.5 |
| 2018-11-02 | CVE-2018-17922 | Information Exposure Through Log Files vulnerability in Circontrol Circarlife Firmware 4.3 Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication. | 9.8 |
| 2018-11-02 | CVE-2018-1788 | Information Exposure Through Log Files vulnerability in IBM Spectrum Protect Server IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. | 4.4 |