• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-532

CVE-2022-32254

February 23, 2023 by godfreyd94

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.

CVE-2022-32193

February 23, 2023 by godfreyd94

Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor.

CVE-2022-32217

February 23, 2023 by godfreyd94

A cleartext storage of sensitive information exists in Rocket.Chat

CVE-2022-3191

February 23, 2023 by godfreyd94

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux (Virtual Strage Software Agent component) allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00

CVE-2022-31674

February 23, 2023 by godfreyd94

VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure.

CVE-2022-31186

February 23, 2023 by godfreyd94

NextAuth.js is a complete open source authentication solution for Next.js applications. An information disclosure vulnerability in `next-auth` before `v4.10.2` and `v3.29.9` allows an attacker with log access privilege to obtain excessive information such as an identity provider’s secret in the log (which is thrown during OAuth error handling) and use it to leverage further attacks on the system, like impersonating the client to ask for extensive permissions. This issue has been patched in `v4.10.2` and `v3.29.9` by moving the log for `provider` information to the debug level. In addition, we added a warning for having the `debug: true` option turned on in production. If for some reason you cannot upgrade, you can user the `logger` configuration option by sanitizing the logs.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 61
  • Go to page 62
  • Go to page 63
  • Go to page 64
  • Go to page 65
  • Interim pages omitted …
  • Go to page 73
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE