Total
1099 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10221 | 2 Axxonsoft, Microsoft | 2 Axxon One, Windows | 2025-12-19 | 5.5 Medium |
| Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords. | ||||
| CVE-2025-14432 | 1 Hp | 22 Poly Eagleeye Cube, Poly Eagleeye Iv, Poly G7500 and 19 more | 2025-12-18 | 4.9 Medium |
| In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration changes made using the provisioning server or the device WebUI. | ||||
| CVE-2025-13321 | 1 Mattermost | 2 Mattermost, Mattermost Desktop | 2025-12-18 | 3.3 Low |
| Mattermost Desktop App versions <6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on server deletion which allows an attacker with access to the users system to gain access to potentially sensitive information via reading the application logs. | ||||
| CVE-2025-36133 | 1 Ibm | 3 App Connect Enterprise Certified Container, App Connect Enterprise Certified Containers Operands, App Connect Operator | 2025-12-18 | 5.9 Medium |
| IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container. | ||||
| CVE-2025-48709 | 1 Bmc | 2 Control-m, Control-m\/server | 2025-12-18 | 3.8 Low |
| BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on, it runs 'DBUStatus.exe' frequently, which then calls 'dbu_connection_details.vbs' with the username, password, database hostname, and port written in cleartext, which can be seen in event and process logs in two separate locations. Fixed in PACTV.9.0.21.307. | ||||
| CVE-2025-1296 | 1 Hashicorp | 1 Nomad | 2025-12-18 | 6.5 Medium |
| Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19. | ||||
| CVE-2024-29945 | 1 Splunk | 1 Splunk | 2025-12-16 | 7.2 High |
| In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level. | ||||
| CVE-2024-9453 | 2 Jenkins, Redhat | 3 Jenkins, Ocp Tools, Openshift Developer Tools And Services | 2025-12-12 | 6.5 Medium |
| A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the logs and potentially carries a high risk if those logs are centralized when collected. The token is typically valid for one year. This flaw allows a malicious user to jeopardize the environment if they have access to sensitive information. | ||||
| CVE-2024-51752 | 1 Workos | 1 Authkit-nextjs | 2025-12-11 | 5.5 Medium |
| The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In affected versions refresh tokens are logged to the console when the disabled by default `debug` flag, is enabled. This issue has been patched in version 0.13.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2025-64650 | 1 Ibm | 1 Storage Defender Resiliency Service | 2025-12-10 | 6.5 Medium |
| IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files. | ||||
| CVE-2025-12940 | 1 Netgear | 4 Wax610, Wax610 Firmware, Wax610y and 1 more | 2025-12-08 | 5.5 Medium |
| Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y (AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6 Access Points). An user having access to the syslog server can read the logs containing these credentials. This issue affects WAX610: before 10.8.11.4; WAX610Y: before 10.8.11.4. Devices managed with Insight get automatic updates. If not, please check the firmware version and update to the latest. Fixed in: WAX610 firmware 11.8.0.10 or later. WAX610Y firmware 11.8.0.10 or later. | ||||
| CVE-2025-11446 | 1 Upkeeper | 1 Upkeeper Manager | 2025-12-02 | 6.5 Medium |
| Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12. | ||||
| CVE-2025-20329 | 1 Cisco | 2 Roomos, Telepresence Collaboration Endpoint | 2025-12-01 | 4.9 Medium |
| A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability exists because certain unencrypted credentials are stored when SIP media component logging is enabled. An attacker could exploit this vulnerability by accessing the audit logs on an affected system and obtaining credentials to which they may not normally have access. A successful exploit could allow the attacker to use those credentials to access confidential information, some of which may contain personally identifiable information (PII). Note: To access the logs that are stored in the Webex Cloud or stored on the device itself, an attacker must have valid administrative credentials. | ||||
| CVE-2025-20373 | 1 Splunk | 1 Splunk | 2025-12-01 | 2.7 Low |
| In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new “Data Security Accounts“. The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) in the Splunk documentation for more information. | ||||
| CVE-2024-23686 | 1 Owasp | 1 Dependency-check | 2025-11-29 | 5.3 Medium |
| DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode, allows an attacker to recover the NVD API Key from a log file. | ||||
| CVE-2025-8663 | 1 Upkeeper | 1 Upkeeper Manager | 2025-11-26 | 6.5 Medium |
| Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.0.0 before 5.2.12. | ||||
| CVE-2024-9621 | 1 Redhat | 1 Camel Quarkus | 2025-11-20 | 5.3 Medium |
| A vulnerability was found in Quarkus CXF. Passwords and other secrets may appear in the application log in spite of the user configuring them to be hidden. This issue requires some special configuration to be vulnerable, such as SOAP logging enabled, application set client, and endpoint logging properties, and the attacker must have access to the application log. | ||||
| CVE-2023-4380 | 1 Redhat | 6 Ansible Automation Platform, Ansible Automation Platform Developer, Ansible Automation Platform Inside and 3 more | 2025-11-20 | 6.3 Medium |
| A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and availability. | ||||
| CVE-2025-34188 | 4 Apple, Linux, Printerlogic and 1 more | 6 Macos, Linux Kernel, Vasion Print and 3 more | 2025-11-17 | 7.8 High |
| Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local logging mechanism. Authentication session tokens, including PHPSESSID, XSRF-TOKEN, and laravel_session, are stored in cleartext within world-readable log files. Any local user with access to the machine can extract these session tokens and use them to authenticate remotely to the SaaS environment, bypassing normal login credentials, potentially leading to unauthorized system access and exposure of sensitive information. This vulnerability has been identified by the vendor as: V-2022-008 — Secrets Leaked in Logs. | ||||
| CVE-2025-1075 | 1 Checkmk | 1 Checkmk | 2025-11-13 | 7.5 High |
| Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p27, <2.2.0p40, and 2.1.0p51 (EOL) causes LDAP credentials to be written to Apache error log file accessible to administrators. | ||||