ReportizFlow
Filtered by vendor
Subscriptions
Total
855 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28859 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2024-11-21 | 6.5 Medium |
| On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2022-28625 | 1 Hp | 1 Oneview | 2024-11-21 | 5.5 Medium |
| A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2022-28161 | 1 Brocade | 1 Sannav | 2024-11-21 | 5.5 Medium |
| An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode. | ||||
| CVE-2022-27896 | 1 Palantir | 1 Foundry Code-workbooks | 2024-11-21 | 4.2 Medium |
| Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgrade to Code-Workbooks version 4.461.0. This issue affects Palantir Foundry Code-Workbooks version 4.144 to version 4.460.0 and is resolved in 4.461.0. | ||||
| CVE-2022-27895 | 1 Palantir | 1 Foundry Build2 | 2024-11-21 | 4.2 Medium |
| Information Exposure Through Log Files vulnerability discovered in Foundry when logs were captured using an underlying library known as Build2. This issue was present in versions earlier than 1.785.0. Upgrade to Build2 version 1.785.0 or greater. | ||||
| CVE-2022-27893 | 1 Osisoft-pi-web-connector Project | 1 Osisoft-pi-web-connector | 2024-11-21 | 4.2 Medium |
| The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0. | ||||
| CVE-2022-27888 | 1 Palantir | 1 Foundry Issues | 2024-11-21 | 5.5 Medium |
| Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information (session tokens). This issue was fixed in 2.249.1. | ||||
| CVE-2022-27636 | 2 F5, Microsoft | 3 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client, Windows | 2024-11-21 | 5.5 Medium |
| On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, BIG-IP Edge Client may log sensitive APM session-related information when VPN is launched on a Windows system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2022-27599 | 1 Qnap | 1 Qvr Pro Client | 2024-11-21 | 6.7 Medium |
| An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later | ||||
| CVE-2022-27549 | 1 Hcltechsw | 1 Hcl Launch | 2024-11-21 | 4 Medium |
| HCL Launch may store certain data for recurring activities in a plain text format. | ||||
| CVE-2022-27442 | 1 Tpcms Project | 1 Tpcms | 2024-11-21 | 7.5 High |
| TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password. | ||||
| CVE-2022-27192 | 1 Asseco | 1 Dvs Avilys | 2024-11-21 | 7.5 High |
| The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files. | ||||
| CVE-2022-25830 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2024-11-21 | 1.9 Low |
| Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log | ||||
| CVE-2022-25829 | 1 Samsung | 1 Watch Active2 Plugin | 2024-11-21 | 1.9 Low |
| Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log | ||||
| CVE-2022-25828 | 1 Samsung | 1 Watch Active Plugin | 2024-11-21 | 1.9 Low |
| Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log | ||||
| CVE-2022-25827 | 1 Samsung | 1 Galaxy Watch Plugin | 2024-11-21 | 1.9 Low |
| Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log | ||||
| CVE-2022-25826 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2024-11-21 | 1.9 Low |
| Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log | ||||
| CVE-2022-25823 | 1 Samsung | 1 Galaxy Watch Plugin | 2024-11-21 | 1.9 Low |
| Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log. | ||||
| CVE-2022-25518 | 1 Tecnoteca | 1 Cmdbuild | 2024-11-21 | 6.5 Medium |
| In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which allows attackers with database access to read the password of the users who login to the application by querying the database table. | ||||
| CVE-2022-25477 | 1 Realtek | 2 Rtsper, Rtsuer | 2024-11-21 | 5.5 Medium |
| Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR. | ||||