Total
762 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15763 | 1 Pivotal Software | 1 Pivotal Container Service | 2024-02-28 | 4.0 MEDIUM | 8.8 HIGH |
| Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. A malicious user with access to application logs may be able to obtain IaaS credentials and perform actions using these credentials. | |||||
| CVE-2019-4008 | 1 Ibm | 1 Api Connect | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
| API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in some URLs can result in the tokens being written to log files. IBM X-Force ID: 155626. | |||||
| CVE-2019-0029 | 1 Juniper | 3 Advanced Threat Prevention, Atp400, Atp700 | 2024-02-28 | 2.1 LOW | 7.8 HIGH |
| Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users. Using these credentials an attacker can access the Splunk server. This issue affects Juniper ATP 5.0 versions prior to 5.0.3. | |||||
| CVE-2018-14995 | 1 Zteusa | 8 Zte Blade Spark, Zte Blade Spark Firmware, Zte Blade Vantage and 5 more | 2024-02-28 | 1.9 LOW | 4.7 MEDIUM |
| The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V/20180120.095344:user/release-keys, the ZTE Blade Spark Android device with a build fingerprint of ZTE/Z971/peony:7.1.1/NMF26V/20171129.143111:user/release-keys, the ZTE ZMAX Pro Android device with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contain a pre-installed platform app with a package name of com.android.modem.service (versionCode=25, versionName=7.1.1; versionCode=23, versionName=6.0.1) that exports an interface to any app on co-located on the device. Using the exported interface of the com.android.modem.service app, any app can enable and obtain certain log files (modem and logcat) without the appropriate corresponding access permissions. The modem logs contain the phone number and full text body of incoming and outgoing text messages in binary format. In addition, the modem log contains the phone numbers for both incoming and outgoing phone calls. The system-wide logcat logs (those obtained via the logcat binary) tend to contain sensitive user data. Third-party apps are prevented from directly reading the system-wide logcat logs. The capability to read from the system-wide logcat logs is only available to pre-installed system apps and platform apps. The modem log and/or logcat log, once activated, get written to external storage (SD card). An app aware of this vulnerability can enable the logs, parse them for relevant data, and exfiltrate them from the device. The modem log and logcat log are inactive by default, but a third-party app with no permissions can activate them, although the app will need to be granted the READ_EXTERNAL_STORAGE permission to access them. | |||||
| CVE-2018-15002 | 1 Vivo | 2 V7, V7 Firmware | 2024-02-28 | 1.9 LOW | 4.7 MEDIUM |
| The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app (versionCode=25, versionName=7.1.2) that contains an exported service named com.qualcomm.qti.modemtestmode.MbnTestService that allows any app co-located on the device to provide key-value pairs to set certain system properties. Notably, system properties with the persist.* prefix can be set which will survive a reboot. On the Vivo V7 device, when the persist.sys.input.log property is set to have a value of yes, the user's screen touches be written to the logcat log by the InputDispatcher for all apps. The system-wide logcat log can be obtained from external storage via a different known vulnerability on the device. The READ_EXTERNAL_STORAGE permission is necessary to access the log files containing the user's touch coordinates. With some effort, the user's touch coordinates can be mapped to key presses on a keyboard. | |||||
| CVE-2018-19865 | 2 Opensuse, Qt | 2 Leap, Qt | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3. | |||||
| CVE-2018-19786 | 1 Hashicorp | 1 Vault | 2024-02-28 | 4.3 MEDIUM | 8.1 HIGH |
| HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported. | |||||
| CVE-2017-15113 | 2 Ovirt, Redhat | 2 Ovirt, Virtualization | 2024-02-28 | 3.5 LOW | 6.6 MEDIUM |
| ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can change the log level and only administrators can access the logs. This presents a risk when debug-level logs are shared with vendors or other parties to troubleshoot issues. | |||||
| CVE-2018-16859 | 1 Redhat | 1 Ansible Engine | 2024-02-28 | 2.1 LOW | 4.4 MEDIUM |
| Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable. | |||||
| CVE-2016-10526 | 1 Grunt-gh-pages Project | 1 Grunt-gh-pages | 2024-02-28 | 5.0 MEDIUM | 8.6 HIGH |
| A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url. In module versions < 0.9.1 the auth portion of the url is outputted as part of the grunt tasks logging function. If this output is publicly available then the credentials should be considered compromised. | |||||
| CVE-2018-7433 | 1 Ithemes | 1 Security | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping for the logs page. | |||||
| CVE-2018-11320 | 1 Octopus | 1 Octopus Server | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
| In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do not have sensitive values obfuscated in the deployment logs. | |||||
| CVE-2018-8719 | 1 Wpsecurityauditlog | 1 Wp Security Audit Log | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information. | |||||
| CVE-2018-10889 | 1 Moodle | 1 Moodle | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain details of other users who interacted with the requester. | |||||
| CVE-2018-1000060 | 1 Sensu | 1 Sensu Core | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
| Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) may be logged in clear-text. This attack appear to be exploitable via victims with configuration matching a specific pattern will observe sensitive data outputted in their service log files. This vulnerability appears to have been fixed in 1.2.1 and later, after commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b. | |||||
| CVE-2017-1733 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-02-28 | 2.1 LOW | 3.3 LOW |
| IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 134914. | |||||
| CVE-2018-12604 | 1 Njtech | 1 Greencms | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log. | |||||
| CVE-2018-7204 | 1 Giribaz | 1 File Manager | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. If a user edits the wp-config.php file using this plugin, the wp-config.php contents get added to log.txt, which is not protected and contains database credentials, salts, etc. These files have been indexed by Google and a simple dork will find affected sites. | |||||
| CVE-2017-9271 | 2 Fedoraproject, Opensuse | 2 Fedora, Zypper | 2024-02-28 | 2.1 LOW | 3.3 LOW |
| The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used. | |||||
| CVE-2018-0335 | 1 Cisco | 1 Prime Collaboration | 2024-02-28 | 2.1 LOW | 7.8 HIGH |
| A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this vulnerability by monitoring a specific World-Readable file for this authentication data (Cleartext Passwords). An exploit could allow the attacker to gain authentication information for other users. Cisco Bug IDs: CSCvd86602. | |||||