org.apache.camel.quarkus:camel-quarkus-as2 (>=3.0.0-M1 <=3.10.0), org.apache.camel.quarkus:camel-quarkus-as2-deployment (>=3.0.0-M1 <=3.10.0) +4 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-debug-jdk18on (>=1.71 <=1.77)

org.bouncycastle:bcprov-debug-jdk18on MAVEN version =1.71, =3.0.0-M1, =3.0.0-M1, =3.2.0, =3.18.0, =3.18.0, =3.18.0, =4.5.0 Source cves: CVE-2025-8885 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11777841...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...

com.github.mizosoft.methanol:benchmarks (>=1.1.0 <=1.2.0), com.github.mizosoft.methanol:methanol-testutils (>=1.1.0 <=1.2.0) +35 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-debug-jdk15on (>=1.53 <=1.70)

org.bouncycastle:bcprov-debug-jdk15on MAVEN version =1.53, =1.1.0, =1.1.0, =0.8.635, =0.8.635, =0.8.635, =0.8.635, =0.0.1, =4.4.0, =1.3.8, =1.3.7, =1.3.7, =1.3.8, =1.4.0 - de.ohmesoftware:keytool =0.0.2 and more Source cves: CVE-2025-8885 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11777855...

Autocaliweb 信息泄露漏洞

Autocaliweb is a web management platform by Phoenix Paulina Schmid Individual Developer. An information disclosure vulnerability exists in Autocaliweb versions prior to 0.8.3, which stems from a debug package that exposes sensitive configuration data, potentially leading to API key disclosure...

PT-2025-32945 · Unknown · Autocaliweb

Name of the Vulnerable Software and Affected Versions: Autocaliweb versions prior to 0.8.3 Description: Autocaliweb is a web application that provides an interface for browsing, reading, and downloading eBooks using a Calibre database. The debug pack generated by Autocaliweb can expose sensitive...

Linux Distros Unpatched Vulnerability : CVE-2019-15902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through...

Linux Distros Unpatched Vulnerability : CVE-2024-26919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ul...

PT-2025-35962

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where reading /proc/kthread/arch status can cause a NULL pointer dereference when CONFIG X86 DEBUG FPU is enabled. This occurs because the AVX-512...

Linux Distros Unpatched Vulnerability : CVE-2022-50091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: locking/csdlock: Change csdlockdebug from earlyparam to setup The csdlockdebug kernel-boot...

Linux Distros Unpatched Vulnerability : CVE-2025-21839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core...

CVE-2025-21472

Information disclosure while capturing logs as eSE debug messages are logged...

Linux Distros Unpatched Vulnerability : CVE-2022-49761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedref failure, but if end users hit such problem, there will be no...

CVE-2025-21472

Information disclosure while capturing logs as eSE debug messages are logged...

CVE-2025-21472 Leftover Debug Code in Secure Element

Information disclosure while capturing logs as eSE debug messages are logged...

CVE-2025-21472

CVE-2025-21472 describes an information-disclosure vulnerability in Qualcomm Secure Element logging: when capturing logs, eSE debug messages are logged, potentially exposing sensitive data. The issue is classified with a Local attack vector, Low attack complexity, and Low privileges required, wit...

CVE-2025-21472 Leftover Debug Code in Secure Element

Information disclosure while capturing logs as eSE debug messages are logged...

wifi: iwlwifi: fix debug actions order

...

SUSE CVE-2025-53512

The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information...

PT-2025-32127 · Ese · Ese

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: An information disclosure issue exists due to the logging of eSE debug messages during log capture. Recommendations: At the moment, there is no information about a newer version that contains a fix...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which stems from the recording of eSE debug messages when capturing logs could lead to information disclosure...