Total
993 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34826 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 5.9 Medium |
| In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs. | ||||
| CVE-2022-34570 | 1 Wavlink | 2 Wl-wn579x3, Wl-wn579x3 Firmware | 2024-11-21 | 7.5 High |
| WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page. | ||||
| CVE-2022-34369 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 8.1 High |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive information in log files vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to exposure of this sensitive data. | ||||
| CVE-2022-33911 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information. | ||||
| CVE-2022-33737 | 1 Openvpn | 1 Openvpn Access Server | 2024-11-21 | 7.5 High |
| The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password | ||||
| CVE-2022-33697 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. | ||||
| CVE-2022-33693 | 1 Google | 1 Android | 2024-11-21 | 2 Low |
| Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | ||||
| CVE-2022-33688 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. | ||||
| CVE-2022-33687 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log. | ||||
| CVE-2022-32565 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 7.5 High |
| An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids. | ||||
| CVE-2022-32556 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 7.5 High |
| An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log files with certain crashes. | ||||
| CVE-2022-32254 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 4.3 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker. | ||||
| CVE-2022-32193 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 6.5 Medium |
| Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor. | ||||
| CVE-2022-30742 | 1 Samsung | 1 Find My Mobile | 2024-11-21 | 3.3 Low |
| Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permissio to get sim card information through device log. | ||||
| CVE-2022-30741 | 1 Samsung | 1 Find My Mobile | 2024-11-21 | 3.3 Low |
| Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permission to get sim card information through device log. | ||||
| CVE-2022-30733 | 1 Samsung | 1 Account | 2024-11-21 | 4 Medium |
| Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | ||||
| CVE-2022-2394 | 1 Perforce | 1 Puppet Bolt | 2024-11-21 | 4.1 Medium |
| Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise. | ||||
| CVE-2022-29928 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 4.4 Medium |
| In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible | ||||
| CVE-2022-29869 | 3 Debian, Fedoraproject, Samba | 3 Debian Linux, Fedora, Cifs-utils | 2024-11-21 | 5.3 Medium |
| cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | ||||
| CVE-2022-29810 | 2 Hashicorp, Redhat | 4 Go-getter, Acm, Openshift and 1 more | 2024-11-21 | 5.5 Medium |
| The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter. | ||||