SUSE CVE-2023-33297

Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service e.g., CPU consumption because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023...

Code injection

Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service e.g., CPU consumption because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023...

VulnCheck KEV: CVE-2023-33297

Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service e.g., CPU consumption because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023...

Information Disclosure

github.com/cilium/cilium is vulnerable to Information Disclosure. When running in debug mode, the Cilium agent may log secrets. Depending on the configuration of the impacted cluster, this includes TLS private keys for Ingress and GatewayAPI resources. The confidential data would be outputed when...

GHSA-PG5P-WWP8-97G8 Debug mode leaks confidential data in Cilium

Impact When run in debug mode, Cilium may log sensitive information. In particular, Cilium running in debug mode will log the values of headers if they match HTTP network policy rules. This issue affects Cilium versions: - 1.7. to 1.10. inclusive - 1.11. before 1.11.16 - 1.12. before 1.12.9 - 1.1...

Debug mode leaks confidential data in Cilium

Impact When run in debug mode, Cilium may log sensitive information. In particular, Cilium running in debug mode will log the values of headers if they match HTTP network policy rules. This issue affects Cilium versions: - 1.7. to 1.10. inclusive - 1.11. before 1.11.16 - 1.12. before 1.12.9 - 1.1...

CVE-2023-29002

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

Design/Logic Flaw

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

CVE-2023-29002 Debug mode leaks confidential data in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

CVE-2023-29002 Debug mode leaks confidential data in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

CVE-2023-29002 Debug mode leaks confidential data in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

CVE-2023-29002

Cilium (eBPF-based dataplane) in debug mode logs contents of the cilium-secrets namespace, potentially exposing TLS private keys for Ingress/GatewayAPI. This could enable an attacker with access to debug output to intercept/modify traffic to the cluster. The issue occurs at agent restart, on secr...

Cilium 日志信息泄露漏洞

Cilium is an open source software. It is used to provide and transparently secure network connectivity and load balancing between application workloads such as application containers or processes. A logging information disclosure vulnerability exists in Cilium that stems from Cilium logging...

PT-2023-22078 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.11.16 Cilium versions prior to 1.12.9 Cilium versions prior to 1.13.2 Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log t...

Exploit for CVE-2021-3129

CVE-2021-3129 Laravel RCE CVE-2021-3129 Vulnerability O...

Exploit for CVE-2021-3129

Laravel Debug Mode RCE Vulnerability CVE-2021-3129 POC / EXP...

Opennms Group OpenNMS 日志信息泄露漏洞

Opennms Group OpenNMS is an open source, enterprise-grade network monitoring and network management platform from US-based Opennms Group. A security vulnerability exists in OpenNMS Meridian , Horizon , which originates from the possibility of inserting sensitive information into log files if the...

K75532331: iRulesLX debug NodeJS vulnerability CVE-2019-6644

Security Advisory Description Similar to the issue identified in CVE-2018-12120, the BIG-IP system will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the port is accessible. CVE-2019-6644 Impac...

K17449: Apache Struts 2 vulnerability CVE-2015-5169

Security Advisory Description Cross-site scripting XSS vulnerability in Apache Struts before 2.3.20. CVE-2015-5169 When debug mode is switched on in Apache Struts, under certain conditions, an arbitrary script may be executed in the 'Problem Report' screen. Affected versions are Struts 2.0.0 -...

SUSE CVE-2009-3462

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."...