1177 matches found

RedhatCVE
added 2025/05/22 7:41 p.m. · 13 views

CVE-2021-3129

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2...

9.8 CVSS · 8.2 AI score · 0.94287 EPSS
Exploits 36 · References 1

RedhatCVE
added 2025/05/22 8:27 a.m. · 4 views

CVE-2019-19983

In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocity_min_files action...

4.3 CVSS · 6.9 AI score · 0.00328 EPSS
Exploits 1 · References 1

RedHat Linux
added 2025/05/13 8:28 a.m. · 2 views

kernel: ext4: avoid use-after-free in ext4_ext_show_leaf()

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4_ext_show_leaf(). In ext4_find_extent(), path may be freed by error or be reallocated, so using a previously saved ppath may have been freed and thus may trigger use-after-free, as follows: ext4_split_extent...

7.8 CVSS · 6.4 AI score · 0.00011 EPSS
Exploits 0 · References 5

OSV
added 2025/05/07 6:15 p.m. · 1 views

CVE-2025-20154

A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. For Cisco IOS XR Software, this...

8.6 CVSS · 5.8 AI score · 0.0045 EPSS
Exploits 0 · References 1

Citrix
added 2025/04/24 12:0 a.m. · 5 views

ADM - CPU utilization is increasing and Debug is enabled

High Load on the CPU at Random time, collect the bundle and shared...

7.2 AI score
Exploits 0

NVD
added 2025/04/23 11:15 a.m. · 9 views

CVE-2025-42604

This vulnerability exists in Meon KYC solutions due to debug mode being enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...

6.9 CVSS · 0.0061 EPSS
Exploits 0 · References 1

CNNVD
added 2025/04/23 12:0 a.m. · 1 views

Meon KYC security vulnerability

Meon KYC is a solution from Meon India. A security vulnerability exists in Meon KYC that stems from debug mode being enabled on certain API endpoints, which could lead to the disclosure of system related information...

6.9 CVSS · 6.4 AI score · 0.0061 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/04/23 12:0 a.m. · 2 views

PT-2025-17615 · Unknown · Meon Kyc Solutions

Name of the Vulnerable Software and Affected Versions: Meon KYC solutions (affected versions not specified). Description: The issue exists due to debug mode being enabled in certain API endpoints, allowing a remote attacker to exploit this by accessing unauthorized API endpoints. This leads to...

6.9 CVSS · 6.1 AI score · 0.0061 EPSS
Exploits 0 · References 9

Tenable Nessus
added 2025/04/15 12:0 a.m. · 7 views

RHEL 6 : openstack-packstack (RHSA-2014:0233)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0233 advisory. PackStack is a command-line utility that uses Puppet modules to support rapid deployment of OpenStack on existing servers over an SSH connection...

6.4 CVSS · 5.6 AI score · 0.00274 EPSS
Exploits 0 · References 14

Tenable Nessus
added 2025/04/15 12:0 a.m. · 5 views

RHEL 7 : openstack-ironic-discoverd (RHSA-2015:1929)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1929 advisory. Ironic provides bare metal provisioning for OpenStack nodes. It was discovered that enabling debug mode in openstack-ironic-discoverd also enables...

6.8 CVSS · 5.6 AI score · 0.00574 EPSS
Exploits 0 · References 5

OSV
added 2025/04/03 2:15 p.m. · 5 views

BIT-JOOMLA-2022-27912 [20221001] - Core - Debug Mode leaks full request payloads including passwords

An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests...

5.3 CVSS · 5.4 AI score · 0.00006 EPSS
Exploits 0 · References 2

CNNVD
added 2025/03/28 12:0 a.m. · 1 views

Red Hat Ansible Automation Platform (Red Hat AAP) security vulnerability

Red Hat Ansible Automation Platform (Red Hat AAP) is a unified solution for enabling strategic automation from Red Hat, USA. A security vulnerability exists in Red Hat Ansible Automation Platform (Red Hat AAP) that stems from an explicit exposure of inventory passwords in debug mode...

6.5 CVSS · 6.5 AI score · 0.00243 EPSS
Exploits 0 · References 3

Packet Storm
added 2025/03/26 12:0 a.m. · 282 views

Eramba Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server by exploiting the path parameter in the download-test-pdf endpoint. Eramba debug mode has to be enabled. Versions up to 3.19.1 are affected. This...

8.8 CVSS · 8.5 AI score · 0.89153 EPSS
Exploits 6

RedhatCVE
added 2025/03/14 10:25 p.m. · 19 views

CVE-2025-2002

CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device...

6 CVSS · 6.7 AI score · 0.00031 EPSS
Exploits 0 · References 1

NVD
added 2025/03/12 4:15 p.m. · 6 views

CVE-2025-2002

CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device...

6 CVSS · 0.00031 EPSS
Exploits 0 · References 1

Cvelist
added 2025/03/12 3:25 p.m. · 12 views

CVE-2025-2002

CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device...

6 CVSS · 0.00031 EPSS
Exploits 0 · References 1

CVE
added 2025/03/12 3:25 p.m. · 47 views

CVE-2025-2002

CVE-2025-2002 affects Schneider Electric EcoStruxure Panel Server. The issue is a CWE-532-style insertion of sensitive information into log files that can lead to disclosure of FTP server credentials when the FTP server is deployed and an administrator places the device in debug mode, exporting d...

6 CVSS · 6.9 AI score · 0.00031 EPSS
Exploits 0 · References 1

Vulnrichment
added 2025/03/12 3:25 p.m. · 2 views

CVE-2025-2002

CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device...

6 CVSS · 6.8 AI score · 0.00031 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/03/12 10:46 a.m. · 8 views

CVE-2024-13919

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

8 CVSS · 6 AI score · 0.00254 EPSS
Exploits 1 · References 1

RedhatCVE
added 2025/03/12 10:45 a.m. · 11 views

CVE-2024-13918

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

8 CVSS · 6 AI score · 0.01054 EPSS
Exploits 1 · References 1