276 matches found
EUVD-2022-43257
Malicious code in bioql PyPI...
EUVD-2025-13048
Malicious code in bioql PyPI...
EUVD-2024-53370
Malicious code in bioql PyPI...
EUVD-2025-16612
Malicious code in bioql PyPI...
CVE-2025-10377 System Dashboard <= 2.8.20 - Cross-Site Request Forgery
The System Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.20. This is due to missing nonce validation on the sdtogglelogs function. This makes it possible for unauthenticated attackers to toggle critical logging settings...
PT-2025-39486
Name of the Vulnerable Software and Affected Versions System Dashboard plugin for WordPress versions prior to 2.8.21 Description The System Dashboard plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by a lack of nonce validation in the sd toggle logs function...
Information Disclosure
github.com/traptitech/traq is vulnerable to Information Disclosure. The vulnerability is due to sensitive information such as OAuth tokens being recorded in SQL error log files when a query fails, which allows an attacker with log access to intentionally trigger errors and acquire the exposed dat...
CVE-2023-53375
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...
DEBIAN-CVE-2023-53375
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...
UBUNTU-CVE-2023-53375
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...
CVE-2023-53375 tracing: Free error logs of tracing instances
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...
CVE-2023-53375
The CVE refers to a Linux kernel tracing issue: when a tracing instance is removed, the error logs from that instance were not freed, causing a memory leak reported by kmemleak. The problem statement and example trace are provided in the initial document, and connected advisories (EulerOS kernel ...
CVE-2023-53375 tracing: Free error logs of tracing instances
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...
CVE-2023-53375
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to release error logs when removing a trace instance, which could lead to a memory leak...
CVE-2025-10084
A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly...
CVE-2025-10084
CVE-2025-10084 affects elunez eladmin up to version 2.7, targeting the SysLogController function queryErrorLogDetail in the file /api/logs/error/1. The issue enables improper authorization and can be exploited remotely; the exploit is publicly available. Several sources corroborate the vulnerabil...
traQ 日志信息泄露漏洞
traq is a PHP-based project management and issue tracking system by Jack Polgar, a personal developer. A log information disclosure vulnerability exists in versions of traQ prior to 3.25.0, which stems from recording sensitive information in SQL error logs, which could lead to information...
CVE-2025-5428
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2025-5428
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has bee...