• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-532

CVE-2020-7215

February 26, 2023 by

An issue was discovered in Gallagher Command Centre 7.x before 7.90.991(MR5), 8.00 before 8.00.1161(MR5), and 8.10 before 8.10.1134(MR4). External system configuration data (used for third party integrations such as DVR systems) were logged in the Command Centre event trail. Any authenticated operator with the ‘view events’ privilege could see the full configuration, including cleartext usernames and passwords, under the event details of a Modified DVR System event.

CVE-2020-7021

February 26, 2023 by

Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details.

CVE-2020-6938

February 26, 2023 by

A sensitive information disclosure vulnerability in Tableau Server 10.5, 2018.x, 2019.x, 2020.x released before June 26, 2020, could allow access to sensitive information in log files.

CVE-2020-6653

February 26, 2023 by

Eaton’s Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user’s account and associated devices.

CVE-2020-6295

February 26, 2023 by

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to view, modify and/or make unavailable any data associated with the Cockpit, leading to Information Disclosure.

CVE-2020-6317

February 26, 2023 by

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or render unavailable any other information in the cockpit or system. This affects SAP Adaptive Server Enterprise, Versions – 15.7, 16.0.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 11
  • Go to page 12
  • Go to page 13
  • Go to page 14
  • Go to page 15
  • Interim pages omitted …
  • Go to page 73
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE