Total
758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22869 | 2024-04-19 | N/A | 5.5 MEDIUM | ||
| IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119. | |||||
| CVE-2024-29959 | 2024-04-19 | N/A | 8.6 HIGH | ||
| A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save. | |||||
| CVE-2024-29957 | 2024-04-19 | N/A | 7.5 HIGH | ||
| When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key. | |||||
| CVE-2024-29958 | 2024-04-19 | N/A | 7.5 HIGH | ||
| A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption key. | |||||
| CVE-2024-32686 | 2024-04-18 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3. | |||||
| CVE-2024-29955 | 2024-04-18 | N/A | 5.0 MEDIUM | ||
| A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. This could provide attackers with an additional, less-protected path to acquiring the encryption key. | |||||
| CVE-2024-32513 | 2024-04-17 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information into Log File vulnerability in AdTribes.Io Product Feed PRO for WooCommerce.This issue affects Product Feed PRO for WooCommerce: from n/a through 13.3.1. | |||||
| CVE-2024-22440 | 2024-04-17 | N/A | 6.8 MEDIUM | ||
| A potential security vulnerability has been identified in HPE Compute Scale-up Server 3200 server. This vulnerability could cause disclosure of sensitive information in log files. | |||||
| CVE-2023-6814 | 2024-04-16 | N/A | 5.6 MEDIUM | ||
| Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9. | |||||
| CVE-2024-22339 | 2024-04-15 | N/A | 4.3 MEDIUM | ||
| IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979. | |||||
| CVE-2024-31254 | 2024-04-10 | N/A | 3.7 LOW | ||
| Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7. | |||||
| CVE-2024-31247 | 2024-04-10 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Drupal to WordPress.This issue affects FG Drupal to WordPress: from n/a through 3.70.3. | |||||
| CVE-2024-31249 | 2024-04-10 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information into Log File vulnerability in WPKube Subscribe To Comments Reloaded.This issue affects Subscribe To Comments Reloaded: from n/a through 220725. | |||||
| CVE-2024-31245 | 2024-04-10 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information into Log File vulnerability in ConvertKit.This issue affects ConvertKit: from n/a through 2.4.5. | |||||
| CVE-2024-31298 | 2024-04-10 | N/A | 5.3 MEDIUM | ||
| Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover.This issue affects User Spam Remover: from n/a through 1.0. | |||||
| CVE-2024-31259 | 2024-04-10 | N/A | 7.5 HIGH | ||
| Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5. | |||||
| CVE-2024-29945 | 1 Splunk | 1 Splunk | 2024-04-10 | N/A | 7.2 HIGH |
| In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level. | |||||
| CVE-2024-23677 | 1 Splunk | 2 Cloud, Splunk | 2024-04-10 | N/A | 5.3 MEDIUM |
| In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file. | |||||
| CVE-2023-46231 | 1 Splunk | 1 Add-on Builder | 2024-04-10 | N/A | 7.2 HIGH |
| In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on. | |||||
| CVE-2023-46230 | 1 Splunk | 1 Add-on Builder | 2024-04-10 | N/A | 4.9 MEDIUM |
| In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files. | |||||