8287 matches found

RedhatCVE
added 2026/01/27 3:23 p.m. | 5 views

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVSS 7 | AI score 5.8 | EPSS 0.00025
Exploits 0 | References 1
OSV
added 2026/01/27 9:34 a.m. | 2 views

CLSA-2026-1769506462 Fix CVE(s): CVE-2025-8225

SECURITY UPDATE: debug_information memory leak in process_debug_info - debian/patches/CVE-2025-8225.patch: prevent memory leak by checking alloc_num_debug_info_entries instead of num_debug_info_entries to determine whether debug_information has been allocated - CVE-2025-8225...

CVSS 4.8 | AI score 6 | EPSS 0.00088
Exploits 1 | References 1
OSV
added 2026/01/27 9:15 a.m. | 3 views

AZL-75464 CVE-2026-24809 affecting package memcached for versions less than 1.6.27-4

An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

CVSS 6.9 | AI score 5.7 | EPSS 0.00027
Exploits 0 | References 1
Tenable Nessus
added 2026/01/27 12:0 a.m. | 5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005014)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005014 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show. Skip SMB sessions that are being...

CVSS 7.8 | AI score 5.8 | EPSS 0.00016
Exploits 0 | References 3
Tenable Nessus
added 2026/01/27 12:0 a.m. | 2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005152)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005152 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4_ext_show_leaf. In ext4_find_extent, path may be freed by error or be...

CVSS 7.8 | AI score 6.7 | EPSS 0.00011
Exploits 0 | References 3
GithubExploit
added 2026/01/26 3:48 p.m. | 124 views

sonarcloud-poc

SonarCloud PoC - SAST Test: test project to validate dete...

AI score 5.9
Exploits 0
NVD
added 2026/01/26 10:16 a.m. | 4 views

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVSS 7 | EPSS 0.00025
Exploits 0 | References 3
CVE
added 2026/01/26 10:5 a.m. | 8 views

CVE-2025-59104

The CVE-2025-59104 issue affects a dormakaba access manager where an attacker with physical access can solder to the debug footprint or connect a 6-Pin tag‑connect cable to access the bootloader. The vulnerable vector allows changing the kernel command line and ultimately obtaining a root shell. ...

CVSS 7 | AI score 5.8 | EPSS 0.00025
Exploits 0 | References 3
ATTACKERKB
added 2026/01/26 10:5 a.m. | 1 views

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVSS 7 | AI score 5.8 | EPSS 0.00025
Exploits 0 | References 4
EUVD
added 2026/01/26 10:5 a.m. | 3 views

EUVD-2025-206371

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVSS 7 | AI score 5.8 | EPSS 0.00025
Exploits 0 | References 3
CVE
added 2026/01/26 10:4 a.m. | 7 views

CVE-2025-59098

CVE-2025-59098 describes a trace/debug facility in the dormakaba Access Manager. The trace is exposed via a plain TCP socket with no authentication or encryption, and TraceClient.exe can connect through the web interface to receive debug output. The verbosity is configurable via HTTP(S) with the ...

CVSS 8.7 | AI score 5.9 | EPSS 0.00067
Exploits 0 | References 3
EUVD
added 2026/01/26 10:4 a.m. | 4 views

EUVD-2025-206362

The Access Manager is offering a trace functionality to debug errors and issues with the device. The trace functionality is implemented as a simple TCP socket. A tool called TraceClient.exe, provided by dormakaba via the Access Manager web interface, is used to connect to the socket and receive...

CVSS 8.7 | AI score 5.9 | EPSS 0.00067
Exploits 0 | References 3
ATTACKERKB
added 2026/01/26 10:4 a.m. | 3 views

CVE-2025-59098

The Access Manager is offering a trace functionality to debug errors and issues with the device. The trace functionality is implemented as a simple TCP socket. A tool called TraceClient.exe, provided by dormakaba via the Access Manager web interface, is used to connect to the socket and receive...

CVSS 8.7 | AI score 5.9 | EPSS 0.00067
Exploits 0 | References 4
Positive Technologies
added 2026/01/26 12:0 a.m. | 3 views

PT-2026-4754

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVSS 7 | AI score 5.8 | EPSS 0.00025
Exploits 0 | References 4
RedhatCVE
added 2026/01/22 11:24 p.m. | 5 views

CVE-2026-23517

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

CVSS 8.7 | AI score 5.5 | EPSS 0.00131
Exploits 0 | References 1
Tenable Nessus
added 2026/01/22 12:0 a.m. | 3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38045)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38045 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix debug actions order T...

CVSS 5.5 | AI score 5.3 | EPSS 0.00052
Exploits 0 | References 2
Tenable Nessus
added 2026/01/22 12:0 a.m. | 3 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-46803)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46803 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable befo...

CVSS 5.5 | AI score 6.4 | EPSS 0.00018
Exploits 0 | References 2
Tenable Nessus
added 2026/01/22 12:0 a.m. | 2 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-45012)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45012 advisory. - In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: use dma non-coherent...

CVSS 5.5 | AI score 6.6 | EPSS 0.00017
Exploits 0 | References 2
CVE
added 2026/01/21 10:36 p.m. | 10 views

CVE-2026-24046

Backstage CVE-2026-24046 centers on a symlink-based path traversal in Scaffolder actions and archive extraction. Affected components include @backstage/backend-defaults, @backstage/plugin-scaffolder-backend, and @backstage/plugin-scaffolder-node; attackers with template-creation/execution access ...

CVSS 7.1 | AI score 5.8 | EPSS 0.00022
Exploits 0 | References 2
NVD
added 2026/01/21 10:15 p.m. | 4 views

CVE-2026-23517

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

CVSS 8.7 | EPSS 0.00131
Exploits 0 | References 2