8320 matches found
CVE-2025-22503
Cross-Site Request Forgery (CSRF) vulnerability in digitalzoomstudio Admin debug wordpress – enable debug dzs-enable-debug allows Cross Site Request Forgery. This issue affects Admin debug wordpress – enable debug: from n/a through = 1.0.13...
CVE-2024-43376
Umbraco is an ASP.NET CMS. Some endpoints in the Management API can return stack trace information, even when Umbraco is not in debug mode. This vulnerability is fixed in 14.1.2...
CVE-2024-41999
Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability is exploited, an attacker with physical access to the device may exploit the debug function to gain access to the OS functions, escalate the privilege, change the device's...
CVE-2024-52067
Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. An authorized administrator with access to change logging levels could enable debug logging for framework flow synchronization, causi...
CVE-2024-31406
Active debug code vulnerability exists in RoamWiFi R10 prior to 4.8.45. If this vulnerability is exploited, a network-adjacent unauthenticated attacker with access to the device may perform unauthorized operations...
CVE-2024-29757
There is a possible permission bypass due to Debug certs being allowlisted. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-28154
Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...
CVE-2024-1775
The Nextend Social Login and Register plugin for WordPress is vulnerable to a self-based Reflected Cross-Site Scripting via the ‘errordescription’ parameter in all versions up to, and including, 3.1.12 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-24798
Cross-Site Request Forgery (CSRF) vulnerability in SoniNow Team Debug. This issue affects Debug: from n/a through 1.10...
CVE-2024-12265
The Web3 Crypto Payments by DePay for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /wp-json/depay/wc/debug REST API endpoint in all versions up to, and including, 2.12.17. This makes it possible for unauthenticated attacker...
CVE-2024-37571
Buffer Overflow vulnerability in SAS Broker 9.2 build 1495 allows attackers to cause denial of service or obtain sensitive information via crafted payload to the 'debug' parameter...
CVE-2024-34798
Insertion of Sensitive Information into Log File vulnerability in Lukman Nakib Debug Log – Manger Tool. This issue affects Debug Log – Manger Tool: from n/a through 1.4.5...
CVE-2024-29035
Umbraco is an ASP.NET CMS. Failing webhooks logs are available when solution is not in debug mode. Those logs can contain information that is critical. This vulnerability is fixed in 13.1.1...
CVE-2024-29206
An Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Version 1.1.18 and earlier UniFi Connect EV Station Pro Version 1.1.18 and earlier UniFi...
CVE-2024-34565
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debug Info allows Stored XSS. This issue affects Debug Info: from n/a through 1.3.10...
CVE-2024-12008
The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes it possible for unauthenticated attackers to view potentially sensitive information in the exposed log file. For exampl...
CVE-2024-51752
The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In affected versions refresh tokens are logged to the console when the disabled-by-default debug flag is enabled. This issue has been patched in version 0.13...
CVE-2024-33915
Missing Authorization vulnerability in Bowo Debug Log Manager. This issue affects Debug Log Manager: from n/a through 2.3.1...
CVE-2024-33583
A vulnerability has been identified in SIMATIC RTLS Locating Manager 6GT2780-0DA00 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA10 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA20 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA30 All versions...
CVE-2024-36475
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed...