• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-532

CVE-2021-45103

February 23, 2023 by

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can access files stored in S3 cloud storage that a user has asked HTCondor to transfer.

CVE-2021-45034

February 23, 2023 by

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). The web server of the affected system allows access to logfiles and diagnostic data generated by a privileged user. An unauthenticated attacker could access the files by knowing the corresponding download links.

CVE-2021-44862

February 23, 2023 by

Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.

CVE-2021-44234

February 23, 2023 by

SAP Business One – version 10.0, extended log stores information that can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

CVE-2021-43271

February 23, 2023 by

Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11.1, 11.11.1a, 11.11.5, and 11.11.5a (when configured to use local, RADIUS, or TACACS authentication) logs usernames and passwords if either is entered incorrectly. If a user enters an incorrect username and/or password when logging into the WebUI, these attempted credentials are included in an error message that is logged in the WebUI log file. A log entry does not appear if the username and password provided correctly match a valid set of credentials. This also does not happen if AppResponse is configured to use SAML authentication. The WebUI log file is included in subsequent diagnostic system dumps that are generated. (Only users with Full Control access to the System Configuration permission can generate system dumps. By default, only System Administrators have Full Control access to the System Configuration permission.)

CVE-2021-41808

February 23, 2023 by

In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. Mitigating factors are logging is disabled by default.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 40
  • Go to page 41
  • Go to page 42
  • Go to page 43
  • Go to page 44
  • Interim pages omitted …
  • Go to page 73
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE