VulnCheck KEV: CVE-2024-20440

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected...

CVE-2025-5486

The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUGhandlesettings function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled...

CVE-2025-5486 WP Email Debug 1.0 - 1.1.0 - Missing Authorization to Unauthenticated Privilege Escalation via Password Reset

The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUGhandlesettings function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled...

CVE-2025-5486

CVE-2025-5486 affects the WordPress plugin WP Email Debug (versions 1.0–1.1.0). The vulnerability is a missing capability check in WPMDBUG_handle_settings(), enabling privilege escalation by unauthenticated actors: they can enable debugging, cause emails to be sent to an attacker-controlled addre...

WordPress plugin WP Email Debug security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-24035 · WordPress · Wp Email Debug

Name of the Vulnerable Software and Affected Versions: WP Email Debug plugin for WordPress versions 1.0 to 1.1.0 Description: The issue is related to a missing capability check on the WPMDBUG handle settings function. This allows unauthenticated attackers to enable debugging, send all emails to a...

GraphQL Debug Mode Enabled

GraphQL is an open-source query and manipulation language for APIs. When GraphQL is run in a 'debug mode' it can leak information about the underlying web applications. No source data...

CVE-2025-1479

An open debug interface was reported in the Legion Space software included on certain Legion devices that could allow a local attacker to execute arbitrary code...

CVE-2025-1479

An open debug interface was reported in the Legion Space software included on certain Legion devices that could allow a local attacker to execute arbitrary code...

PT-2025-23337 · Unknown · Legion Space

Name of the Vulnerable Software and Affected Versions: Legion Space software affected versions not specified Description: An open debug interface in the Legion Space software could allow a local attacker to execute arbitrary code. Recommendations: At the moment, there is no information about a...

SUSE CVE-2025-5245

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debugtypesamep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been...

CLSA-2025-1748366748 kernel: Fix of 12 CVEs

ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic CVE-2025-21993 - media: uvcvideo: Fix double free in error path CVE-2024-57980 - jffs2: Prevent rtime decompress memory corruption CVE-2024-57850 - wifi: iwlegacy:...

CLSA-2025-1748365686 kernel: Fix of 12 CVEs

ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic CVE-2025-21993 - media: uvcvideo: Fix double free in error path CVE-2024-57980 - jffs2: Prevent rtime decompress memory corruption CVE-2024-57850 - wifi: iwlegacy:...

AZL-61988 CVE-2025-5245 affecting package binutils for versions less than 2.41-6

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debugtypesamep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been...

UBUNTU-CVE-2025-5245

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debugtypesamep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to improper handling of certain debug information in the debugtypesamep function of the /binutils/debug.c file. An attacker can cause memory corruption by manipulating the input data to this function. This is only...

CVE-2025-5075

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component DEBUG Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed ...

CVE-2025-24034

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in debug logs. When debug logging is enabled, user access tokens are inadvertently logged, potentially...

CVE-2025-23684

Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Tool: from n/a through = 2.2...

CVE-2025-24362

In some circumstances, debug artifacts uploaded by the CodeQL Action after a failed code scanning workflow run may contain the environment variables from the workflow run, including any secrets that were exposed as environment variables to the workflow. Users with read access to the repository...