Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2018-06-22 CVE-2018-7682 Information Exposure Through Log Files vulnerability in Microfocus Solutions Business Manager
Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.
network
low complexity
microfocus CWE-532
6.5
2018-06-21 CVE-2018-7683 Information Exposure Through Log Files vulnerability in Microfocus Solutions Business Manager
Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files.
network
low complexity
microfocus CWE-532
7.5
2018-06-20 CVE-2018-12604 Information Exposure Through Log Files vulnerability in Njtech Greencms 2.3.0603
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log.
network
low complexity
njtech CWE-532
7.5
2018-06-06 CVE-2017-1480 Information Exposure Through Log Files vulnerability in IBM products
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user.
network
low complexity
ibm CWE-532
4.3
2018-05-31 CVE-2016-10526 Information Exposure Through Log Files vulnerability in Grunt-Gh-Pages Project Grunt-Gh-Pages
A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url.
network
low complexity
grunt-gh-pages-project CWE-532
8.6
2018-05-29 CVE-2018-1241 Information Exposure Through Log Files vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file.
network
low complexity
emc CWE-532
8.8
2018-05-21 CVE-2018-11320 Information Exposure Through Log Files vulnerability in Octopus Server
In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do not have sensitive values obfuscated in the deployment logs.
network
low complexity
octopus CWE-532
critical
9.8
2018-05-08 CVE-2017-2592 Information Exposure Through Log Files vulnerability in multiple products
python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure.
local
low complexity
openstack canonical CWE-532
5.5
2018-04-04 CVE-2018-8719 Information Exposure Through Log Files vulnerability in Wpsecurityauditlog WP Security Audit LOG 3.1.1
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress.
network
low complexity
wpsecurityauditlog CWE-532
5.3
2018-04-04 CVE-2017-1733 Information Exposure Through Log Files vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.3.1
IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm CWE-532
3.3