Linux Distros Unpatched Vulnerability : CVE-2025-38045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: iwlwifi: fix debug actions order The order of actions taken for debug was implemented incorrectly. Now we implemented the dump split and do the FW reset...

SUSE CVE-2025-6624

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

Himmelblau 日志信息泄露漏洞

Himmelblau is an Azure Entra ID authentication module open-sourced by Himmelblau. A log information disclosure vulnerability exists in Himmelblau versions prior to 1.0.0, which stems from disclosing Intune service access tokens in debug mode, which could lead to information disclosure...

The vulnerability of D-Link DI-7300G+ microprogrammed software lies in the lack of measures taken to neutralize special elements during the processing of the ASP file httpd_debug.asp, allowing attackers to execute arbitrary commands.

The vulnerability of D-Link DI-7300G+ router microprogramming software is related to the lack of measures taken to neutralize special elements during the processing of the asp-file httpddebug.asp. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

SUSE CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

GO-2025-3789 Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode in github.com/snyk/go-application-framework

Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode in github.com/snyk/go-application-framework...

CVE-2025-8225

A flaw was found in binutils. The processdebuginfo function in the DWARF section handler exhibits a memory leak due to improper handling of debug information. This issue may allow a local attacker to trigger a resource exhaustion condition. This manipulation occurs when processing a specially...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the processdebuginfo function in the dwarf.c file. An attacker can cause resource exhaustion by triggering repeated processing of specially crafted DWARF sections. Remediation A fix...

DEBIAN-CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

UBUNTU-CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

Priv2Admin

This repository, Priv2Admin, is an exploitation path that allows users to misuse Windows privileges to elevate their rights within the OS. The repository lists various Windows privileges and their corresponding impact, tools, execution paths, and remarks. The privileges include...

GNU Binutils（GNU Binary Utilities） 安全漏洞

GNU Binutils is a binary toolset developed by the GNU Project to handle operations such as target files, assembly and linking. A memory leak vulnerability exists in GNU Binutils version 2.44, which originates from a processdebuginfo function handling exception in the binutils/dwarf.c file in the...

CVE-2025-38397

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: fix suspicious RCU usage warning When I run the NVME over TCP test in virtme-ng, I get the following "suspicious RCU usage" warning in nvmempathaddsysfslink: ''' 5.024557 T44 nvmet: Created nvm controller 1 for...

CVE-2025-7705

: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions...

CVE-2025-46267

Hidden functionality issue exists in WRC-BE36QS-B and WRC-W701-B. If exploited, the product's hidden debug function may be enabled by a remote attacker who can log in to WebGUI...

Multiple vulnerabilities in ELECOM wireless LAN routers

Overview Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Hidden functionality CWE-912 - CVE-2025-46267 OS command injection in WebGUI CWE-78 - CVE-2025-53472 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC...

CVE-2025-46117

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where a hidden debug script .apdebug.sh invoked from the restricted CLI does not properly sanitize its input, allowing an authenticated attacker to...

Fedora: Security Advisory (FEDORA-2025-deb3a02c42)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : libinput (2025-deb3a02c42)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-deb3a02c42 advisory. libinput 1.28.903 - fixes key events accidentally printed and thus logged to the system log if debug logs were enabled at the compositor level. Only affects...

CVE-2025-7705

: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions...