An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 (July 2020).
CWE-532
CVE-2020-15370
Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files.
CVE-2020-15380
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level.
CVE-2020-15095
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like “://[[:]@][:][:][/]”. The password value is not redacted and is printed to stdout and also to any generated log files.
CVE-2020-14518
Philips DreamMapper, Version 2.24 and prior. Information written to log files can give guidance to a potential attacker.
CVE-2020-14470
In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could trigger a deployment that leaks the Helm Chart repository password.