8320 matches found

CNNVD
added 2025/06/27 12:0 a.m. · 1 view

Flock Safety Gunshot Detection security vulnerability

Flock Safety Gunshot Detection is a gunshot detection system from Flock Safety USA. A security vulnerability exists in Flock Safety Gunshot Detection versions prior to 1.3 that stems from improper access control of the chip debug interface...

6.8 CVSS · 6.6 AI score · 0.00125 EPSS
Exploits 0 · References 6
OSV
added 2025/06/26 8:34 a.m. · 1 view

SUSE-SU-2025:02121-1 Security update for helm

This update for helm fixes the following issues: Update to version 3.18.3: builddeps: bump golang.org/x/crypto from 0.38.0 to 0.39.0 6838ebc dependabotbot fix: user username password for login 5b9e2f6 Terry Howe Update pkg/registry/transport.go 2782412 Terry Howe Update pkg/registry/transport.go...

6.5 CVSS · 6.8 AI score · 0.00023 EPSS
Exploits 0 · References 3
OSV
added 2025/06/26 6:31 a.m. · 4 views

GHSA-6HWC-9H8R-3VMF Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

7.2 CVSS · 7.3 AI score · 0.00115 EPSS
Exploits 0 · References 7
Github Security Blog
added 2025/06/26 6:31 a.m. · 8 views

Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

7.2 CVSS · 7.3 AI score · 0.00115 EPSS
Exploits 0 · References 7 · Affected Software 2
OSV
added 2025/06/26 5:15 a.m. · 3 views

CVE-2025-6624

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

2.4 CVSS · 7.3 AI score
Exploits 0 · References 5
CVE
added 2025/06/26 5:0 a.m. · 26 views

CVE-2025-6624

Affected software: Snyk CLI. Vulnerability: Insertion of Sensitive Information into Log File when running in DEBUG/TRACE modes. Versions prior to 1.1297.3 are affected. Details: container commands (snyk container test/monitor) can disclose registry credentials via environment variables SNYK_REGIS...

7.2 CVSS · 7.3 AI score · 0.00115 EPSS
Exploits 0 · References 5 · Affected Software 1
Cvelist
added 2025/06/26 5:0 a.m. · 9 views

CVE-2025-6624

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

7.2 CVSS · 0.00115 EPSS
Exploits 0 · References 5
Vulnrichment
added 2025/06/26 5:0 a.m. · 2 views

CVE-2025-6624

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

7.2 CVSS · 7.3 AI score · 0.00115 EPSS
Exploits 0 · References 5
Positive Technologies
added 2025/06/26 12:0 a.m. · 1 view

PT-2025-26934 · Snyk · Snyk Cli

Name of the Vulnerable Software and Affected Versions: snyk versions prior to 1.1297.3 Description: The issue allows for the insertion of sensitive information into log files through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line...

7.2 CVSS · 6.1 AI score · 0.00115 EPSS
Exploits 0 · References 15
Snyk
added 2025/06/25 4:1 p.m. · 1 view

Insertion of Sensitive Information into Log File

Overview: snyk is an advanced tool that scans and monitors projects for security vulnerabilities. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variable...

7.2 CVSS · 7 AI score · 0.00115 EPSS
Exploits 0 · References 2
OSV
added 2025/06/24 5:4 p.m. · 2 views

CLSA-2025-1750784684 Fix CVE(s): CVE-2025-4802

SECURITY UPDATE: Untrusted LD_LIBRARY_PATH environment variable vulnerability - debian/patches/any/CVE-2025-4802.patch: Ignore LD_LIBRARY_PATH and debug env var for setuid for static - CVE-2025-4802...

7.8 CVSS · 6.9 AI score · 0.00043 EPSS
Exploits 1 · References 1
CVE
added 2025/06/24 2:16 a.m. · 20 views

CVE-2025-48468

CVE-2025-48468 centers on an open JTAG debug port that, with physical access, lets an attacker inject or modify firmware. Multiple connected sources tie this to Advantech industrial controllers (e.g., WISE-4010LAN, WISE-4050LAN, WISE-4060LAN) and describe the root cause as reliance on a JTAG inte...

6.4 CVSS · 6.2 AI score · 0.00083 EPSS
Exploits 0 · References 1 · Affected Software 1
CNVD
added 2025/06/24 12:0 a.m. · 3 views

WeGIA Operating System Command Injection Vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from an operating system command injection vulnerability that stems from the branch parameter not being properly sanitized in the /html/configuracao/debuginfo.php endpoint. An attacker could exploit this vulnerability to execute...

9.8 CVSS · 8.2 AI score · 0.37343 EPSS
Exploits 1 · References 1
Veracode
added 2025/06/23 7:48 a.m. · 3 views

Path Traversal

DotVVM is vulnerable to Path Traversal. The vulnerability is due to insufficient input validation, which allows an attacker to access arbitrary files when a FileResourceLocation is used and the application is running in Debug mode...

7.1 AI score
Exploits 0
CNNVD
added 2025/06/23 12:0 a.m. · 1 view

spytrap-adb security vulnerability

spytrap-adb is a spytrap-org open source tool that uses adb and usb debugging to test a cell phone for the presence of tracking software. A security vulnerability exists in spytrap-adb versions prior to 0.3.5, which stems from the interactive user interface not displaying the results of known...

2.7 CVSS · 6.3 AI score · 0.00078 EPSS
Exploits 0 · References 4
RedhatCVE
added 2025/06/20 8:58 p.m. · 4 views

CVE-2025-38045

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix debug actions order The order of actions taken for debug was implemented incorrectly. Now we implemented the dump split and do the FW reset only in the middle of the dump rather than the FW killing itself on...

7 CVSS · 7.2 AI score · 0.00052 EPSS
Exploits 0 · References 4
RedhatCVE
added 2025/06/20 10:10 a.m. · 4 views

CVE-2022-50051

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...

7 CVSS · 7.1 AI score · 0.00052 EPSS
Exploits 0 · References 4
Positive Technologies
added 2025/06/20 12:0 a.m. · 6 views

PT-2025-35954

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains a flaw in the mm/ptdump component where the code can race with concurrent modifications of kernel page tables. Specifically, when intermediate levels of kernel...

4.7 CVSS · 6 AI score · 0.00018 EPSS
Exploits 0
OSV
added 2025/06/19 2:40 p.m. · 1 view

GHSA-6Q65-J4JW-9CG8 DotVVM allows path traversal when deployed in Debug mode

Description: There is a path traversal vulnerability in any DotVVM application started in Debug mode, if at least one resource with the FileResourceLocation has been added. The vulnerability allows an attacker to read arbitrary files from the filesystem accessible by the web application i.e...

7.5 CVSS · 7.2 AI score
Exploits 0 · References 3
Github Security Blog
added 2025/06/19 2:40 p.m. · 4 views

DotVVM allows path traversal when deployed in Debug mode

Description: There is a path traversal vulnerability in any DotVVM application started in Debug mode, if at least one resource with the FileResourceLocation has been added. The vulnerability allows an attacker to read arbitrary files from the filesystem accessible by the web application i.e...

7.2 AI score
Exploits 0 · References 3 · Affected Software 1