Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-13 | CVE-2024-27097 | Information Exposure Through Log Files vulnerability in Okfn Ckan A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. | 5.3 |
| 2024-03-12 | CVE-2024-28236 | Information Exposure Through Log Files vulnerability in Go-Vela Worker Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. | 6.5 |
| 2024-03-12 | CVE-2024-28186 | Information Exposure Through Log Files vulnerability in Freescout FreeScout is an open source help desk and shared inbox built with PHP. A vulnerability has been identified in the Free Scout Application, which exposes SMTP server credentials used by an organization in the application to users of the application. | 7.1 |
| 2024-03-08 | CVE-2024-23242 | Information Exposure Through Log Files vulnerability in Apple Ipad OS and Iphone OS A privacy issue was addressed by not logging contents of text fields. | 3.3 |
| 2024-02-12 | CVE-2024-23760 | Information Exposure Through Log Files vulnerability in Gambio 4.9.2.0 Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot. | 2.7 |
| 2024-02-08 | CVE-2023-47131 | Information Exposure Through Log Files vulnerability in N-Able Passportal The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file. | 7.5 |
| 2024-02-08 | CVE-2024-22464 | Information Exposure Through Log Files vulnerability in Dell EMC Appsync Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. | 6.8 |
| 2024-02-07 | CVE-2024-23448 | Information Exposure Through Log Files vulnerability in Elastic APM Server An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. | 7.5 |
| 2024-02-06 | CVE-2024-24939 | Information Exposure Through Log Files vulnerability in Jetbrains Rider In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible | 5.3 |
| 2024-02-01 | CVE-2024-0935 | Information Exposure Through Log Files vulnerability in 3DS Delmia Apriso 2019/2022/2024 Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024 | 7.5 |