38 matches found

Snyk
added 2026/06/05 9:44 p.m. · 6 views

Missing Authorization

Overview: bugsink is a Self-hosted Error Tracking. Affected versions of this package are vulnerable to Missing Authorization in the lookup process for sourcemaps and debug files, which was not properly scoped to the owning project. An attacker can access source context or symbolication-derived...

CVSS 5.3 · AI score 5.4 · EPSS 0.00168
Exploits 0 · References 2
RedhatCVE
added 2026/06/05 7:37 p.m. · 8 views

CVE-2026-47728

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use...

CVSS 4.3 · AI score 5.5 · EPSS 0.00168
Exploits 0 · References 1
Positive Technologies
added 2026/05/26 12:0 a.m. · 7 views

PT-2026-43307

Name of the Vulnerable Software and Affected Versions: Bugsink versions prior to 2.2.0 Description: Bugsink is a self-hosted error tracking tool that resolved sourcemaps and debug files by debug ID without scoping the lookup to the project that owned the uploaded metadata. An authenticated user wit...

CVSS 4.3 · AI score 5.4 · EPSS 0.00168
Exploits 0 · References 7
RedhatCVE
added 2025/12/23 8:35 a.m. · 5 views

CVE-2025-8305

An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being printed in plaintext in Identity Agent for Terminal Services debug files...

CVSS 6.5 · AI score 6.2 · EPSS 0.00102
Exploits 0 · References 1
NVD
added 2025/12/22 8:15 a.m. · 8 views

CVE-2025-8305

An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being printed in plaintext in Identity Agent for Terminal Services debug files...

CVSS 6.5 · EPSS 0.00102
Exploits 0 · References 1
CVE
added 2025/12/22 7:58 a.m. · 12 views

CVE-2025-8305

CVE-2025-8305 concerns Check Point Identity Agent for Terminal Services. An authenticated local user can access plaintext debug files that expose sensitive information, enabling the user to claim security policy rules of another user. The root cause is sensitive data printed in plaintext in Ident...

CVSS 6.5 · AI score 5.8 · EPSS 0.00102
Exploits 0 · References 1
EUVD
added 2025/12/22 7:58 a.m. · 6 views

EUVD-2025-204700

An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being printed in plaintext in Identity Agent for Terminal Services debug files...

CVSS 6.5 · AI score 5.7 · EPSS 0.00102
Exploits 0 · References 2
Vulnrichment
added 2025/12/22 7:58 a.m. · 3 views

CVE-2025-8305 Information Disclosure in Identity Agent Debug Files

An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being printed in plaintext in Identity Agent for Terminal Services debug files...

CVSS 6.5 · AI score 5.8 · EPSS 0.00102
Exploits 0 · References 1
Cvelist
added 2025/12/22 7:58 a.m. · 24 views

CVE-2025-8305 Information Disclosure in Identity Agent Debug Files

An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being printed in plaintext in Identity Agent for Terminal Services debug files...

CVSS 6.5 · EPSS 0.00102
Exploits 0 · References 1
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2015-4982

Malware in sbrugna...

CVSS 4 · AI score 6.4 · EPSS 0.00966
Exploits 0 · References 2
Microsoft CVE
added 2025/09/04 2:43 a.m. · 2 views

smb: client: fix potential UAF in cifs_debug_files_proc_show()

...

CVSS 7.8 · AI score 7 · EPSS 0.00276
Exploits 0
OSV
added 2024/04/28 12:15 p.m. · 2 views

AZL-54981 CVE-2024-26928 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show(). Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF...

CVSS 7.8 · AI score 6.5 · EPSS 0.00276
Exploits 0 · References 1
OSV
added 2024/04/28 12:15 p.m. · 1 views

UBUNTU-CVE-2024-26928

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show(). Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF...

CVSS 7.8 · AI score 6.3 · EPSS 0.00276
Exploits 0 · References 33
CNNVD
added 2024/03/03 12:0 a.m. · 4 views

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts, and product image scaling. A security vulnerability previously existed in PrestaShop So Flexibilite version 4.1.26, which stemmed from a...

CVSS 7.5 · AI score 6.8 · EPSS 0.0055
Exploits 0 · References 2
Prion
added 2023/12/22 9:15 p.m. · 14 views

Code injection

Symbolicator is a service used in Sentry. Starting in Symbolicator version 0.3.3 and prior to version 21.12.1, an attacker could make Symbolicator send GET HTTP requests to arbitrary URLs with internal IP addresses by using an invalid protocol. The responses of those requests could be exposed via...

CVSS 4 · AI score 7.1 · EPSS 0.00471
Exploits 0 · References 4 · Affected Software 1
Veracode
added 2023/08/31 8:28 p.m. · 35 views

Denial Of Service (DoS)

binutils is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the load_separate_debug_files function in the dwarf2.c file. The function is responsible for loading debug information from separate ELF files. The vulnerability occurs when the function fails to properly check the...

CVSS 5.5 · AI score 6.5 · EPSS 0.00483
Exploits 1 · References 5 · Affected Software 1
OSV
added 2023/08/22 7:16 p.m. · 2 views

AZL-28051 CVE-2022-48063 affecting package binutils for versions less than 2.37-10

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

CVSS 5.5 · AI score 6.3 · EPSS 0.00483
Exploits 1 · References 1
OSV
added 2023/08/22 7:16 p.m. · 1 views

DEBIAN-CVE-2022-48063

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

CVSS 5.5 · AI score 5.1 · EPSS 0.00483
Exploits 1 · References 1
Prion
added 2023/08/22 7:16 p.m. · 33 views

Memory corruption

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

CVSS 1.9 · AI score 5.4 · EPSS 0.00483
Exploits 1 · References 3 · Affected Software 1
Positive Technologies
added 2023/08/22 12:0 a.m. · 6 views

PT-2023-6126 · Gnu +6 · Gnu Binutils +6

Name of the Vulnerable Software and Affected Versions: GNU Binutils versions prior to 2.40 Description: The issue is related to excessive memory consumption via the load separate debug files function at dwarf2.c. An attacker could supply a crafted ELF file, potentially leading to a DNS attack. Th...

CVSS 9.8 · AI score 6 · EPSS 0.02329
Exploits 25 · References 210