111 matches found
DEBIAN-CVE-2025-21957
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...
AZL-59949 CVE-2025-21957 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...
UBUNTU-CVE-2025-21957
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...
CVE-2025-21957 scsi: qla1280: Fix kernel oops when debug level > 2
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...
CVE-2025-21957 scsi: qla1280: Fix kernel oops when debug level > 2
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...
CVE-2025-21957
The CVE refers to a Linux kernel issue affecting the SCSI qla1280 driver. When the driver is compiled with DEBUG_QLA1280 and ql_debug_level > 2, a null dereference can cause an oops. The root cause is incorrect handling of debug printing, where sg_next(s) was used instead of sg_dma_len(s). The...
CVE-2025-21957 scsi: qla1280: Fix kernel oops when debug level > 2
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...
CVE-2024-11217 Oauth-server-container: oauth-server-container logs client secret in debug level
A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options...
CVE-2024-11217 Oauth-server-container: oauth-server-container logs client secret in debug level
A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options...
PT-2024-16834 · Unknown · Oauth-Server
Name of the Vulnerable Software and Affected Versions: OAuth-server affected versions not specified Description: A weakness was found in the OAuth-server, where it logs the OAuth2 client secret when the logLevel is set to Debug or higher for certain login options, including OIDC, GitHub, GitLab,...
PT-2024-7164 · Splunk · Splunk Enterprise
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.1 Splunk Enterprise versions prior to 9.2.3 Splunk Enterprise versions prior to 9.1.6 Description: The software potentially exposes sensitive HTTP parameters to the internal index if the REST Calls log...
CVE-2024-37283
An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is configured to debug. By default the log level is set to info, where no leak occurs...
Provisioning Services Console Error is Displayed During KMS Activation
When changing a virtual disk vDisk in private mode to KMS activation and then changing the mode to standard image modeor changing the activation procedure to KMS for a vDisk in standard image mode, the following error message appears, which can be seen in the console.log when in debug level or in...
SUSE CVE-2024-38590
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modify the print level of CQE error Too much print may lead to a panic in kernel. Change ibdeverr to ibdeverrratelimited, and change the printing level of cqe dump to debug level...
UBUNTU-CVE-2024-38590
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modify the print level of CQE error Too much print may lead to a panic in kernel. Change ibdeverr to ibdeverrratelimited, and change the printing level of cqe dump to debug level...
CVE-2024-38590
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modify the print level of CQE error Too much print may lead to a panic in kernel. Change ibdeverr to ibdeverrratelimited, and change the printing level of cqe dump to debug level...
CVE-2024-38590
CVE-2024-38590 affects the Linux kernel RDMA/hns path where excessive CQE error printing could panic the kernel. The fix changes ibdev_err() to ibdev_err_ratelimited() and lowers the CQE dump printing level to debug, per the provided commits (Git kernel stable history). Connected Nessus entries r...
CVE-2024-38590 RDMA/hns: Modify the print level of CQE error
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modify the print level of CQE error Too much print may lead to a panic in kernel. Change ibdeverr to ibdeverrratelimited, and change the printing level of cqe dump to debug level...
CVE-2024-38590 RDMA/hns: Modify the print level of CQE error
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modify the print level of CQE error Too much print may lead to a panic in kernel. Change ibdeverr to ibdeverrratelimited, and change the printing level of cqe dump to debug level...
Information Disclosure
typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to login failures being logged at the "warning" level instead of the "debug" level, which exposes plain text credential information...