Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2024-23791 Information Exposure Through Log Files vulnerability in Otrs
Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
network
low complexity
otrs CWE-532
7.5
2024-01-22 CVE-2024-23677 Information Exposure Through Log Files vulnerability in Splunk Cloud and Splunk
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.
network
low complexity
splunk CWE-532
5.3
2024-01-19 CVE-2024-23686 Information Exposure Through Log Files vulnerability in Owasp Dependency-Check
DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode, allows an attacker to recover the NVD API Key from a log file.
network
low complexity
owasp CWE-532
5.3
2024-01-08 CVE-2023-51408 Information Exposure Through Log Files vulnerability in Studiowombat WP Optin Wheel
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StudioWombat WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce.This issue affects WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce: from n/a through 1.4.3.
network
low complexity
studiowombat CWE-532
7.5
2024-01-03 CVE-2023-50253 Information Exposure Through Log Files vulnerability in LAF
Laf is a cloud development platform.
network
low complexity
laf CWE-532
6.5
2024-01-01 CVE-2023-6064 Information Exposure Through Log Files vulnerability in Payhere Payment Gateway
The PayHere Payment Gateway WordPress plugin before 2.2.12 automatically creates publicly-accessible log files containing sensitive information when transactions occur.
network
low complexity
payhere CWE-532
7.5
2023-12-21 CVE-2023-6746 Information Exposure Through Log Files vulnerability in Github Enterprise Server
An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques.
network
high complexity
github CWE-532
5.7
2023-12-21 CVE-2023-6802 Information Exposure Through Log Files vulnerability in Github Enterprise Server
An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified that could allow an attacker to gain access to the management console.
network
low complexity
github CWE-532
6.5
2023-12-14 CVE-2023-1904 Information Exposure Through Log Files vulnerability in Octopus Server
In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server.
network
low complexity
octopus CWE-532
7.5
2023-12-13 CVE-2023-46671 Information Exposure Through Log Files vulnerability in Elastic Kibana
An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error.
network
low complexity
elastic CWE-532
6.5