34 matches found

Cvelist
added 2026/02/19 3:25 a.m. · 25 views

CVE-2025-13113 Web Accessibility by accessiBe <= 2.11 - Unauthenticated Sensitive Information Exposure

The Web Accessibility by accessiBe plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11. This is due to the accessiberenderjsinfooter function logging the complete plugin options array to the browser console on public pages, without...

CVSS 5.3 · EPSS 0.00046
Exploits 0 · References 2

RedhatCVE
added 2026/02/11 1:33 a.m. · 2 views

CVE-2026-25813

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application logs highly sensitive data directly to console output without masking or redaction...

CVSS 8.7 · AI score 5.5 · EPSS 0.00051
Exploits 0 · References 1

NVD
added 2026/02/09 10:16 p.m. · 4 views

CVE-2026-25813

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application logs highly sensitive data directly to console output without masking or redaction...

CVSS 8.7 · EPSS 0.00051
Exploits 0 · References 1

Veracode
added 2025/12/31 2:59 a.m. · 3 views

Sensitive Information Exposure

@actual-app/sync-server is vulnerable to Sensitive Information Exposure. The vulnerability is due to logging parsed API responses to STDOUT using console.log/console.debug, which allows an attacker with access to application logs to obtain sensitive data such as bearer tokens, bank account detail...

AI score 6.8
Exploits 0

Snyk
added 2025/10/20 5:55 p.m. · 1 view

Information Exposure

Overview: @actual-app/sync-server is an actual syncing server. Affected versions of this package are vulnerable to Information Exposure via the console.log and console.debug functions, which log sensitive response payloads from external services, including bearer tokens, account numbers, and...

CVSS 5.1 · AI score 6.8
Exploits 0 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-18219

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.3 · EPSS 0.00476
Exploits 0 · References 3

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-21396

Malicious code in bioql PyPI...

CVSS 4.2 · AI score 6.4 · EPSS 0.00109
Exploits 0 · References 5

RedhatCVE
added 2025/07/16 11:44 p.m. · 10 views

CVE-2025-53885

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, when using Directus Flows to handle CRUD events for users it is possible to log the incoming data to console using the "Log to Console" operation and a template...

CVSS 4.2 · AI score 7.7 · EPSS 0.00109
Exploits 0 · References 1

OSV
added 2025/07/15 3:18 p.m. · 1 view

GHSA-X3VM-88HF-GPXP Directus is vulnerable to sensitive data exposure as user data is not being redacted when logged

Summary: When using Directus Flows to handle CRUD events for users it is possible to log the incoming data to console using the "Log to Console" operation and a template string. Impact: Malicious admins can log sensitive data from other users when they are created or updated. Workarounds: Avoid...

CVSS 4.2 · AI score 6.2 · EPSS 0.00109
Exploits 0 · References 6

RedhatCVE
added 2025/06/14 9:25 p.m. · 2 views

CVE-2025-49589

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP...

CVSS 6.1 · AI score 7.7 · EPSS 0.00476
Exploits 0 · References 1

OSV
added 2025/06/12 9:15 p.m. · 2 views

UBUNTU-CVE-2025-49589

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP...

CVSS 6.1 · AI score 6.6 · EPSS 0.00476
Exploits 0 · References 7

Cvelist
added 2025/06/12 8:56 p.m. · 13 views

CVE-2025-49589 PCSX2 Contains a Stack-based Buffer Overflow in IOP Console Logging

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP...

CVSS 6.1 · EPSS 0.00476
Exploits 0 · References 3

OSV
added 2025/06/12 8:56 p.m. · 3 views

CVE-2025-49589 PCSX2 Contains a Stack-based Buffer Overflow in IOP Console Logging

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP...

CVSS 6.1 · AI score 7.8 · EPSS 0.00476
Exploits 0 · References 5

Debian CVE
added 2025/06/12 8:56 p.m. · 5 views

CVE-2025-49589

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP...

CVSS 6.1 · AI score 6.4 · EPSS 0.00476
Exploits 0

Vulnrichment
added 2025/06/12 8:56 p.m. · 3 views

CVE-2025-49589 PCSX2 Contains a Stack-based Buffer Overflow in IOP Console Logging

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP...

CVSS 6.1 · AI score 8.4 · EPSS 0.00476
Exploits 0 · References 3

CVE
added 2025/06/12 8:56 p.m. · 50 views

CVE-2025-49589

CVE-2025-49589 (PCSX2) affects the PCSX2 PS2 emulator. A stack-based buffer overflow exists in the Kprintf_HLE function in versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow an attacker to execute arbitrary code if IOP Console Logging is enabled (describe...

CVSS 6.1 · AI score 7.8 · EPSS 0.00476
Exploits 0 · References 3

Positive Technologies
added 2025/06/12 12:0 a.m. · 3 views

PT-2025-25358 · Pcsx2 +1

Name of the Vulnerable Software and Affected Versions: PCSX2 versions up to 2.3.414 Description: A stack-based buffer overflow exists in the Kprintf HLE function. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled I...

CVSS 6.1 · AI score 8.7 · EPSS 0.00476
Exploits 0 · References 19

RedhatCVE
added 2025/05/23 8:3 a.m. · 2 views

CVE-2024-51752

The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In affected versions refresh tokens are logged to the console when the debug flag, which is disabled by default, is enabled. This issue has been patched in version 0.13...

CVSS 5.5 · AI score 7 · EPSS 0.00182
Exploits 0 · References 1

Veracode
added 2024/11/14 9:46 a.m. · 8 views

Refresh Token Exposure

@workos-inc/authkit-nextjs is vulnerable to Refresh Token Exposure. The vulnerability is due to improper handling of sensitive data, where refresh tokens are logged to the console if the debug flag, which is disabled by default, is enabled. This allows an attacker with access to the logs to steal...

CVSS 5.5 · AI score 6.5 · EPSS 0.00182
Exploits 0 · References 4 · Affected Software 1

Veracode
added 2024/11/14 9:20 a.m. · 7 views

Information Exposure

@workos-inc/authkit-remix is vulnerable to Information Exposure. The vulnerability is due to the debug flag being enabled, which allows an attacker to view refresh tokens logged to the console...

CVSS 2.1 · AI score 6.5 · EPSS 0.00086
Exploits 0 · References 3 · Affected Software 1