CWE-532: CWE-532

Nomad audit logs unintentionally expose sensitive workload identity tokens and client secret tokens. This allows attackers with access to audit logs t...

This vulnerability affects multiple Siemens industrial routers and allows authenticated remote attackers to forge 2FA tokens of other users by extract...

The Veracode Scan Jenkins Plugin before version 23.3.19.0 exposes proxy credentials in job logs when specific configurations are enabled. Users with a...

Ray versions before 2.43.0 log Redis passwords in standard logging when passed as arguments, potentially exposing authentication credentials. This aff...

This vulnerability in JetBrains TeamCity allows password-type parameters to leak into build logs under specific conditions. It affects organizations u...

This vulnerability causes sensitive information to be inadvertently logged and emailed to administrators when upstream library errors occur in OTRS sy...

Dell PowerScale OneFS versions 9.5.0.x have a vulnerability where SNMPv3 logs sensitive information that low-privilege users can access. This allows u...

This vulnerability allows sensitive information to be written to log files in the Windows Kernel, potentially exposing confidential data to local atta...

This vulnerability in Active Directory Federation Services (AD FS) allows unauthorized local attackers to read sensitive information from log files. I...

IBM QRadar SIEM versions 7.5 through 7.5.0 Update Package 12 store sensitive information in log files that local users can read. This information disc...

This vulnerability exposes Facebook user access tokens in plain text within application logs when Facebook authentication requests fail in Para versio...

IBM UrbanCode Deploy versions 7.0 through 7.2.3.13 store sensitive information in HTTP request logs that could be read by local users. This informatio...

IBM Watson CP4D Data Stores versions 4.0.0 through 4.8.4 store sensitive information in log files that could be read by local users. This information ...

CVE-2024-6104 is an information disclosure vulnerability in go-retryablehttp where URLs containing HTTP basic authentication credentials are written t...

This vulnerability allows sensitive information to be exposed in Elasticsearch log files when auditing requests to the reindex API. Attackers with acc...

This vulnerability in Fujitsu ETERNUS SF management software allows non-admin users to access collected maintenance data, potentially compromising sys...

This vulnerability allows sensitive information to be written to log files in the Windows Kernel. An authenticated attacker with local access could re...

The unity-cli command-line utility logs sensitive credentials (email and password) in plaintext when using the --verbose flag with the sign-package co...

A macOS logging vulnerability allows applications to access sensitive user data that should have been redacted. This affects macOS Tahoe versions befo...

A logging vulnerability in iOS/iPadOS allowed applications to access sensitive user data through insufficient data redaction in system logs. This affe...

This CVE describes a logging data exposure vulnerability in Apple operating systems where applications could access sensitive user data through insuff...

A vulnerability in ansible-collection-community-general exposes plaintext passwords in verbose output when running Ansible with debug modes. Attackers...

Windows License Manager logs sensitive information to local files, allowing authenticated local users to read this data. This affects Windows systems ...

Windows License Manager logs sensitive information to local files, allowing authenticated local attackers to read these logs and potentially obtain cr...

NETGEAR WAX610 and WAX610Y access points inadvertently record login credentials in syslog files when a syslog server is configured. This allows anyone...

This vulnerability allows sensitive information to be written to log files in Windows Failover Cluster. An authenticated attacker with local access co...

A logging vulnerability in Apple operating systems allows applications to access sensitive user data that should have been redacted. This affects user...

This CVE describes a logging vulnerability in Apple operating systems where sensitive user data may not be properly redacted in logs. An application c...

NVIDIA Cumulus Linux and NVOS products log hashed user passwords in log files, potentially exposing credential information to unauthorized users who c...

The AdGuard Safari plugin before version 1.11.22 logged every URL accessed by Safari into macOS system logs, which were readable by any unsandboxed pr...

This vulnerability allows local authenticated attackers to access sensitive information that was improperly logged in Ivanti Connect Secure and Policy...

RabbitMQ versions 3.13.7 and prior log HTTP API authorization headers containing base64-encoded credentials in plaintext. This allows attackers with a...

HCL DevOps Deploy/Launch stores authentication tokens in log files that local users can read. This allows unauthorized access to sensitive credentials...

JetBrains YouTrack versions before 2024.3.55417 expose permanent authentication tokens in application logs. This vulnerability allows attackers with a...

Fortra Application Hub (formerly Helpsystems One) versions before 1.3 log credentials in IAM log files under certain logging configurations. This allo...

This Windows kernel vulnerability allows attackers to read sensitive kernel memory information, potentially exposing system details or credentials. It...

This Windows kernel vulnerability allows attackers to read sensitive memory information from the kernel address space. It affects Windows systems with...

This Windows kernel vulnerability allows attackers to read sensitive memory information from the kernel address space. It affects Windows systems with...

This Windows kernel vulnerability allows attackers to read sensitive memory information from the kernel address space. It affects Windows systems with...

IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) version 11.5 may write sensitive information to log files under specific conditions...

This vulnerability in Checkmk monitoring software causes remote site secrets to be written to web log files accessible to local site users. Attackers ...

The AuthKit library for Next.js logs refresh tokens to the console when the debug flag is enabled, potentially exposing sensitive authentication crede...

This CVE describes an information disclosure vulnerability in Apple operating systems where an app could leak sensitive kernel state through log entri...

A sandboxed app on affected Apple operating systems could access sensitive user data from system logs due to insufficient data redaction. This vulnera...

This CVE describes a macOS privacy vulnerability where applications could access sensitive user data from system logs. It affects macOS Ventura, Sonom...

This vulnerability in Realtek card reader drivers leaks kernel memory addresses in driver logs, weakening Kernel Address Space Layout Randomization (K...

This vulnerability in IBM Security Verify Access allows local users to access sensitive information from trace logs. It affects versions 10.0.0 throug...

Spring Vault applications that attempt to revoke Vault batch tokens may inadvertently log sensitive information. This affects applications using Sprin...

Tanium's TanOS logs sensitive information that could be exposed to unauthorized users. This affects organizations using vulnerable Tanium deployments ...

The WP Reset WordPress plugin exposes sensitive license keys and site data when debugging is enabled. This vulnerability affects all versions up to 2....