PT-2025-48126

Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code vulnerability that allows an attacker to connect via Telnet and gain access to the device...

sssd security update

2.9.7-4.0.1.1 - Restore default debug level for ssscache Orabug: 32810448 Fri Oct 17 2025 Tomas Halman - Resolves: RHEL-120298 - CVE-2025-11561 sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems...

kernel: mm: slub: avoid wake up kswapd in set_track_prepare

A deadlock lock recursion vulnerability exists in the linux kernel such that when CONFIGDEBUGOBJECTSTIMERS is set, may wake up kswapd in settrackprepare, and try to hold the percpuhrtimerbases lock...

CVE-2025-52671

Debug information disclosure in the SQL error message to in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to acquire information about the software, PHP and database versions currently in use...

EUVD-2025-198346

Debug information disclosure in the SQL error message to in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to acquire information about the software, PHP and database versions currently in use...

CVE-2025-52671

CVE-2025-52671 describes an information-disclosure vulnerability in Revive Adserver where SQL error messages reveal debugging details, enabling non-admin users to learn software, PHP, and database versions. Connected sources (CNVD, RH, EUVD, NVD, OSV, CVE/CVEList, and a HackerOne report) consiste...

CVE-2025-52671

Debug information disclosure in the SQL error message to in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes non-admin users to acquire information about the software, PHP and database versions currently in use...

Revive Adserver 安全漏洞

Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from an...

CVE-2025-46775

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log...

CVE-2025-54660

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...

CVE-2025-54660

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...

CVE-2025-46775

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log...

CVE-2025-54660

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run the application step by step and retrieve the saved VPN user password...

CVE-2025-54660

Fortinet FortiClientWindows is affected by an active debug code vulnerability in versions 7.0.0–7.4.3 and 7.2.0–7.2.10 that may allow a local attacker to execute the application step by step and retrieve the saved VPN user password. The linked Red Hat/NVD/CVE entries confirm the same impact. Ther...

CVE-2025-46775

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log...

EUVD-2025-198015

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log...

CVE-2025-46775

Fortinet FortiExtender contains a vulnerability where debug messages disclose unnecessary information, potentially allowing an authenticated user to obtain administrator credentials. Affected versions include 7.0 all versions, 7.2 all versions, 7.4.0–7.4.6, and 7.6.0–7.6.1. The root cause is expo...

CVE-2025-46775

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log...

PT-2025-47352

Name of the Vulnerable Software and Affected Versions Fortinet FortiExtender versions 7.0 all versions Fortinet FortiExtender versions 7.2 all versions Fortinet FortiExtender versions 7.4.0 through 7.4.6 Fortinet FortiExtender versions 7.6.0 through 7.6.1 Description An issue exists in Fortinet...

METZ CONNECT多款产品 安全漏洞

METZ CONNECT Energy-Controlling EWIO2-M and others are products of METZ CONNECT, Germany.METZ CONNECT Energy-Controlling EWIO2-M is a high performance data logger.METZ CONNECT Energy- Controlling EWIO2-M-BM is a high performance data logger.METZ CONNECT Ethernet-IO EWIO2-BM is a sensor and actuat...