Total
852 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31139 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 4.3 MEDIUM |
| In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log | |||||
| CVE-2025-46432 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 4.3 MEDIUM |
| In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs | |||||
| CVE-2025-26795 | 2025-05-16 | N/A | N/A | ||
| Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 2.0.2 and 1.3.4, which fix the issue. | |||||
| CVE-2025-26864 | 2025-05-16 | N/A | N/A | ||
| Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue. | |||||
| CVE-2025-31213 | 2025-05-13 | N/A | 7.6 HIGH | ||
| A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access associated usernames and websites in a user's iCloud Keychain. | |||||
| CVE-2025-22246 | 2025-05-13 | N/A | 3.0 LOW | ||
| Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs. | |||||
| CVE-2022-3293 | 1 Gitlab | 1 Gitlab | 2025-05-13 | N/A | 3.5 LOW |
| Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 | |||||
| CVE-2025-46329 | 1 Snowflake | 1 Connector For C\/c\+\+ | 2025-05-09 | N/A | 3.3 LOW |
| libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not grant access to any sensitive data without additional access authorizations, and is not logged server-side by Snowflake. This issue has been patched in version 2.2.0. | |||||
| CVE-2022-31684 | 1 Pivotal | 1 Reactor Netty | 2025-05-09 | N/A | 4.3 MEDIUM |
| Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled. | |||||
| CVE-2023-50740 | 1 Apache | 1 Linkis | 2025-05-07 | N/A | 5.3 MEDIUM |
| In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module. We recommend users upgrade the version of Linkis to version 1.5.0 | |||||
| CVE-2022-3018 | 1 Gitlab | 1 Gitlab | 2025-05-07 | N/A | 6.8 MEDIUM |
| An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs. | |||||
| CVE-2022-3499 | 1 Tenable | 1 Nessus | 2025-05-05 | N/A | 6.5 MEDIUM |
| An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present. | |||||
| CVE-2024-23758 | 1 Unisys | 1 Stealth | 2025-05-02 | N/A | 7.5 HIGH |
| An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information via the Enterprise ManagementInstaller_msi.log file. | |||||
| CVE-2025-3911 | 2025-05-02 | N/A | N/A | ||
| Recording of environment variables, configured for running containers, in Docker Desktop application logs could lead to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain sensitive credentials information and further use it to gain unauthorized access to other systems. Starting with version 4.41.0, Docker Desktop no longer logs environment variables set by the user. | |||||
| CVE-2023-43261 | 1 Milesight | 12 Ur32, Ur32 Firmware, Ur32l and 9 more | 2025-05-01 | N/A | 7.5 HIGH |
| An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. | |||||
| CVE-2022-43673 | 1 Wire | 1 Wire | 2025-04-30 | N/A | 4.7 MEDIUM |
| Wire through 3.22.3993 on Windows advertises deletion of sent messages; nonetheless, all messages can be retrieved (for a limited period of time) from the AppData\Roaming\Wire\IndexedDB\https_app.wire.com_0.indexeddb.leveldb database. | |||||
| CVE-2025-46614 | 2025-04-29 | N/A | 3.3 LOW | ||
| In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Information into a Log File. | |||||
| CVE-2022-2721 | 1 Octopus | 1 Octopus Server | 2025-04-25 | N/A | 7.5 HIGH |
| In affected versions of Octopus Server it is possible for target discovery to print certain values marked as sensitive to log files in plaint-text in when verbose logging is enabled. | |||||
| CVE-2025-2092 | 2025-04-23 | N/A | N/A | ||
| Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p29, <2.2.0p41 and <=2.1.0p49 (EOL) causes remote site authentication secrets to be written to log files accessible to administrators. | |||||
| CVE-2025-2300 | 2025-04-23 | N/A | 5.5 MEDIUM | ||
| Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure vulnerability. This issue affects Hitachi Ops Center Common Services: from 11.0.3-00 before 11.0.4-00. | |||||