CVE-2025-67561

CVE-2025-67561 relates to the WordPress Debug Log Viewer plugin and describes a Broken Access Control / Missing Authorization vulnerability in versions up to and including 2.0.3. The issue stems from incorrectly configured access controls enabling an attacker to exploit the vulnerability; several...

CVE-2023-53828 Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Avoid use-after-free in dbg for hciaddadvmonitor KSAN reports use-after-free in hciaddadvmonitor. While adding an adv monitor, hciaddadvmonitor calls - msftaddmonitorpattern calls - msftaddmonitorsync calls -...

CVE-2022-50665 wifi: ath11k: fix failed to find the peer with peer_id 0 when disconnected

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix failed to find the peer with peerid 0 when disconnected It has a fail log which is ath11kdbg in ath11kdprxprocessmonstatus, as below, it will not print when debugmask is not set ATH11KDBGDATA. ath11kdbgab,...

CVE-2022-50665

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix failed to find the peer with peerid 0 when disconnected It has a fail log which is ath11kdbg in ath11kdprxprocessmonstatus, as below, it will not print when debugmask is not set ATH11KDBGDATA. ath11kdbgab,...

PT-2025-50242

Name of the Vulnerable Software and Affected Versions OpenBMCS version 2.4 Description An information disclosure issue exists in OpenBMCS version 2.4 that allows unauthenticated attackers to access sensitive files. This is possible through exploitation of directory listing functionality. Attacker...

WordPress plugin Debug Log Viewer 安全漏洞

WordPress Debug Log Viewer plugin is a tool for managing debug logs for WordPress systems. A lack of authorization vulnerability exists in the WordPress Debug Log Viewer plugin, which can be exploited by an attacker to cause the exploitation of a misconfigured access control security level...

PT-2025-49719

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Bluetooth component of the Linux kernel, specifically within the hci add adv monitor function. The issue occurs when adding an advertisement monitor,...

PT-2025-49935

Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewer debug-log-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Log Viewer: from n/a through = 2.0.3...

PT-2025-49669

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tp tunnel register When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tp tunnel register. This situation is reproduc...

Ladybug debug 安全漏洞

Ladybug debug is an open source debugging and testing tool from WeAreFrank! A security vulnerability exists in versions prior to Ladybug debug 3.0-20251107.114628, which stems from a deserialization vulnerability that could lead to remote code execution...

Linux Distros Unpatched Vulnerability : CVE-2025-40226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the...

CVE-2020-36876

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 Pro, 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running...

CVE-2025-13494

The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.0. This is due to the plugin storing PHP error logs in a predictable, web-accessible location wp-content/uploads/ssp-debug/ssp-debug.log without any access controls. This...

CVE-2020-36876

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 Pro, 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running...

EUVD-2020-30828

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 Pro, 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running...

CVE-2020-36876

CVE-2020-36876 affects ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823. An unauthenticated attacker can access the webserver’s Python debug log by visiting the message_log page, disclosing system information, credential...

CVE-2020-36876 ReQuest Serious Play F3 Media Server <= 7.0.3 Debug Log Disclosure2020

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 Pro, 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running...

CVE-2020-36876 ReQuest Serious Play F3 Media Server <= 7.0.3 Debug Log Disclosure2020

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 Pro, 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running...

CVE-2025-40226

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. Handle this fault condition in the...

CVE-2025-14092 Edimax BR-6478AC V3 formDebugDiagnosticRun sub_416898 os command injection

A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...