Tigera Calico 安全漏洞

Tigera Calico is an open-source network security solution developed by the American company Tigera, designed for container, virtual machine, and host workload scenarios. Tigera Calico has a security vulnerability that arises from printing the complete connection configuration structure when calle...

Astra Linux - уязвимость в cups

OpenPrinting CUPS is an open-source printing system. In versions 2.4.2 and earlier, a heap buffer overflow vulnerability existed, which allowed a remote attacker to launch a Denial-of-Service DoS attack. This vulnerability was present in the formatlogline function. Exploitation of this...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modified the print level of CQE errors. Excessive printing may cause panic in the kernel. Change ibdeverr to ibdeverrratelimited, and adjust the printing level of CQE dumps to debug level...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...

sssd security update

2.9.7-4.0.1.1 - Restore default debug level for ssscache Orabug: 32810448 Fri Oct 17 2025 Tomas Halman - Resolves: RHEL-120298 - CVE-2025-11561 sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems...

CVE-2025-62232

Apache APISIX is affected by a logging-related data exposure (CVE-2025-62232) where basic-auth credentials are written in plaintext to error logs and forwarded to log sinks when the log level is INFO/DEBUG. The issue is caused by logging sensitive data during normal operation, creating a high ris...

Security Bulletin: Sensitive Key Exposure in Snowflake JDBC Driver Logging (Versions 3.0.13 – 3.23.0), affects watsonx.data

Summary Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side...

EUVD-2019-0008

Malware in sbrugna...

EUVD-2025-9363

Malicious code in bioql PyPI...

EUVD-2024-34323

Malicious code in bioql PyPI...

Insertion Of Sensitive Information Into Log File

github.com/edgelesssys/contrast vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to the logging configuration. An attacker can access sensitive information by exploiting the log output when the log level is set to info or debug...

Linux Distros Unpatched Vulnerability : CVE-2023-44483

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a privat...

CVE-2023-21496

Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21957)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21957 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debu...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21957)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21957 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debu...

scsi: qla1280: Fix kernel oops when debug level > 2

...

Insertion of Sensitive Information into Log File

Overview org.apache.activemq:artemis-server is a server package for the ActiveMQ-Artemis project. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File when the ConfigurationImpl logger is being set to debug level. An attacker can access sensitive...

CVE-2025-27391 Apache ActiveMQ Artemis: Passwords leaking from broker properties in the debug log

Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the debug level enabled. This issue affects Apache ActiveMQ Artemis: fro...

SUSE CVE-2025-21957

In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...

AZL-59957 CVE-2025-21957 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...