Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-532

CWE-532

Medium likelihood

Insertion of Sensitive Information into Log File

Parent: CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory

The product writes sensitive information to a log file.

1,137 vulnerabilities with CWE-532

CVE-2021-27026 MEDIUM

Puppet 2021.0.0-2021.4.0, Puppet Connect < 0.4.0, Puppet Enterprise < 2019.8.9 - Sensitive Information Disclosure

CVE-2021-0148 MEDIUM

Intel SSD DC Firmware - Information Disclosure via Log File Insertion

CVE-2021-3791 MEDIUM

Motorola-branded Binatone Hubble Cameras - Info Disclosure

CVE-2021-40364 MEDIUM

SIMATIC PCS 7 & WinCC - Info Disclosure

CVE-2021-39913 MEDIUM

GitLab < 14.2.6, 14.3 < 14.3.4, 14.4 < 14.4.1 - Sensitive Information Disclosure in Migration Log

CVE-2021-20129 HIGH

Draytek VigorConnect 1.6.0-B3 - Unauthenticated Sensitive Information Disclosure via System Log Export

CVE-2021-39900 LOW

GitLab 10.8.0-14.1.6 - Information Disclosure via SendEntry Rails Log Exposure

CVE-2021-39246 MEDIUM

Tor Browser <= 10.5.6 and 11.x <= 11.0a4 - Privacy Compromise via v2 Onion Address Visit Timestamp Logging

CVE-2021-23046 MEDIUM

Guided Configuration <8.0.0 - Info Disclosure

CVE-2021-32724 CRITICAL

check-spelling < 0.0.19 - Sensitive Information Exposure via GitHub Token Leak

CVE-2021-32801 MEDIUM

Nextcloud <20.0.12,21.0.4,22.1.0 - Info Disclosure

CVE-2021-27022 MEDIUM

Puppet 2021.0.0-2021.2.x and Puppet Enterprise < 2019.8.8 - Sensitive Information Exposure in Log Files

CVE-2021-22929 MEDIUM

Brave Browser Desktop <1.28.62 - Info Disclosure

CVE-2021-27019 MEDIUM

Puppet Enterprise < 2019.8.6 and PuppetDB 6.0.0-6.16.1 - Sensitive Information Disclosure in Log Files

CVE-2021-22024 HIGH

VMware vRealize Operations Manager < 8.5.0 - Unauthenticated Arbitrary Log File Read

CVE-2021-39291 HIGH

NetModule Router Software < 4.3.0.113 - Sensitive Information Exposure via CLI-PHP GET Parameters

CVE-2021-37709 MEDIUM

Shopware < 6.4.3.1 - Insecure Direct Object Reference in Import/Export Log Files

CVE-2021-36278 HIGH

Dell EMC PowerScale OneFS <9.1.1.1 - Info Disclosure

CVE-2021-21601 HIGH

Dell EMC Data Protection Search < 19.5 and IDPA < 2.7 - Information Exposure in Log File

CVE-2021-21598 LOW

Dell Wyse ThinOS 9.0-9.1 MR1 - Authenticated Sensitive Information Disclosure in Log Files

CVE-2021-21597 HIGH

Dell Wyse ThinOS 9.0 - Authenticated Sensitive Information Disclosure via Log File

CVE-2021-26999 MEDIUM

NetApp Cloud Manager < 3.9.9 - Authenticated Sensitive Information Exposure via Active Directory Connection Failure Logs

CVE-2021-26998 MEDIUM

NetApp Cloud Manager < 3.9.9 - Authenticated Sensitive Information Exposure in Log Files

CVE-2021-37760 CRITICAL

Graylog < 4.1.2 - Session ID Leak in Audit Log

CVE-2021-37759 CRITICAL

Graylog < 4.1.2 - Session ID Leak in DEBUG Log File

Previous Page 31 of 46 Next

Details

Vulnerabilities 1,137

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy