ReportizFlow
Filtered by vendor
Subscriptions
Total
855 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27026 | 1 Puppet | 3 Puppet, Puppet Connect, Puppet Enterprise | 2024-11-21 | 4.4 Medium |
| A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged | ||||
| CVE-2021-27022 | 1 Puppet | 2 Puppet, Puppet Enterprise | 2024-11-21 | 4.9 Medium |
| A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes). | ||||
| CVE-2021-27019 | 1 Puppet | 2 Puppet Enterprise, Puppetdb | 2024-11-21 | 4.3 Medium |
| PuppetDB logging included potentially sensitive system information. | ||||
| CVE-2021-26999 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 4.3 Medium |
| NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed version. | ||||
| CVE-2021-26998 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 4.3 Medium |
| NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed version. | ||||
| CVE-2021-26908 | 1 Automox | 1 Automox | 2024-11-21 | 3.3 Low |
| Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent. | ||||
| CVE-2021-25688 | 1 Teradici | 2 Pcoip Graphics Agent, Pcoip Standard Agent | 2024-11-21 | 5.5 Medium |
| Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user's password in the application logs. | ||||
| CVE-2021-25423 | 1 Samsung | 1 Watch Active2 Plugin | 2024-11-21 | 5.5 Medium |
| Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log. | ||||
| CVE-2021-25422 | 1 Samsung | 1 Watch Active Plugin | 2024-11-21 | 5.5 Medium |
| Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | ||||
| CVE-2021-25421 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2024-11-21 | 5.5 Medium |
| Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | ||||
| CVE-2021-25420 | 1 Samsung | 1 Galaxy Watch Plugin | 2024-11-21 | 5.5 Medium |
| Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | ||||
| CVE-2021-25350 | 2 Google, Samsung | 2 Android, Account | 2024-11-21 | 2 Low |
| Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | ||||
| CVE-2021-25284 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2024-11-21 | 4.4 Medium |
| An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level. | ||||
| CVE-2021-25009 | 1 Correosexpress Project | 1 Correosexpress | 2024-11-21 | 5.3 Medium |
| The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses | ||||
| CVE-2021-24024 | 1 Fortinet | 2 Fortiadc, Fortiadc Manager | 2024-11-21 | 4.3 Medium |
| A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3.0 and below, 5.2.1 and below and FortiADC 5.3.7 and below may allow a remote authenticated attacker to read other local users' password in log files. | ||||
| CVE-2021-23924 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 7.5 High |
| An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files. | ||||
| CVE-2021-23046 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Guided Configuration | 2024-11-21 | 4.9 Medium |
| On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2021-22929 | 1 Brave | 1 Brave | 2024-11-21 | 6.1 Medium |
| An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log. | ||||
| CVE-2021-22516 | 1 Microfocus | 1 Secure Api Manager | 2024-11-21 | 7.5 High |
| Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file. | ||||
| CVE-2021-22310 | 1 Huawei | 12 Nip6300, Nip6300 Firmware, Nip6600 and 9 more | 2024-11-21 | 4.4 Medium |
| There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause an information leak. Affected product versions include: NIP6300 versions V500R001C00,V500R001C20,V500R001C30;NIP6600 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6300 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6500 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6600 versions V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80;USG9500 versions V500R005C00,V500R005C10. | ||||