Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-20 | CVE-2019-8944 | Information Exposure Through Log Files vulnerability in Octopus Deploy An Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 (and before 2018.10.4 LTS) allows remote authenticated users to view sensitive Terraform output variables via log files. | 6.5 |
| 2019-02-15 | CVE-2019-0266 | Information Exposure Through Log Files vulnerability in SAP Hana Extended Application Services 1.0 Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform users to a trace file of the SAP HANA system. | 7.5 |
| 2019-02-07 | CVE-2019-4008 | Information Exposure Through Log Files vulnerability in IBM API Connect API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. | 9.8 |
| 2019-02-05 | CVE-2017-1198 | Information Exposure Through Log Files vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91 IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL parameters. | 5.3 |
| 2019-01-28 | CVE-2018-19014 | Information Exposure Through Log Files vulnerability in Draeger products Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. | 6.5 |
| 2019-01-15 | CVE-2019-0029 | Information Exposure Through Log Files vulnerability in Juniper Advanced Threat Prevention Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users. | 7.8 |
| 2019-01-15 | CVE-2019-0021 | Information Exposure Through Log Files vulnerability in Juniper Advanced Threat Prevention On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. | 5.5 |
| 2019-01-15 | CVE-2019-0004 | Information Exposure Through Log Files vulnerability in Juniper Advanced Threat Prevention On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. | 5.5 |
| 2019-01-02 | CVE-2019-3500 | Information Exposure Through Log Files vulnerability in multiple products aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file. | 7.8 |
| 2018-12-28 | CVE-2018-15004 | Information Exposure Through Log Files vulnerability in Coolpad Canvas Firmware 7.0 The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:user/release-keys contains a platform app with a package name of com.qualcomm.qti.modemtestmode (versionCode=24, versionName=7.0) that contains an exported service app component named com.qualcomm.qti.modemtestmode.MbnTestService that allows any app on the device to set certain system properties as the com.android.phone user. | 5.9 |