1556 matches found
MiracleLinux 4 : mercurial-1.4-5.AXS4 (AXSA:2017-1710:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-1710:01 advisory. Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Quick start:...
CVE-2021-47762
HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables and gain elevated...
EUVD-2026-2774
HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables and gain elevated...
PT-2026-3038
HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables and gain elevated...
MadeForNet HTTP Debugger Pro code issues and vulnerabilities
MadeForNet HTTP Debugger Pro is an HTTP/HTTPS protocol packet capture and analysis tool developed by the American company MadeForNet. Version 9.11 of MadeForNet HTTP Debugger Pro contains a code vulnerability. This vulnerability stems from binary paths in service configurations that lack quotatio...
Accessibility Features (Sticky Keys) Persistence via Debugger Registry Key
This module makes it possible to apply the 'sticky keys' hack to a session with appropriate rights. The hack provides a means to get a SYSTEM shell using UI-level interaction at an RDP login screen or via a UAC confirmation dialog. The module modifies the Debug registry setting for certain...
CVE-2020-7914
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3...
Accessibility Features Persistence Via Debugger Registry Key
This Metasploit module makes it possible to apply the sticky keys hack to a session with appropriate rights. The hack provides a means to get a SYSTEM shell using UI-level interaction at an RDP login screen or via a UAC confirmation dialog. The module modifies the Debug registry setting for certa...
MalwareAnalysisProject
MalwareAnalysisProject Introduction to exploit development wit...
[SECURITY] Fedora 42 Update: delve-1.26.0-1.fc42
Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out ...
[SECURITY] Fedora 43 Update: delve-1.26.0-1.fc43
Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out ...
PT-2026-6749
Name of the Vulnerable Software and Affected Versions Asterisk versions prior to 20.7-cert9 Asterisk versions prior to 20.18.2 Asterisk versions prior to 21.12.1 Asterisk versions prior to 22.8.2 Asterisk versions prior to 23.2.2 Description Asterisk is a private branch exchange and telephony...
Remote Code Execution (RCE)
Keycloak is vulnerable to Remote Code Execution RCE. The vulnerability is due to insecure default binding of the debug JDWP port to all network interfaces in debug mode, which allows an attacker on the same network to attach a debugger and execute arbitrary code...
๐ Visual Studio 1.39.0 Remote Debugger
Visual Studio versions 1.30.0 through 1.39.0 had a remote debugger enabled by default that could cause multiple security issues. Code included to scan for any listeners...
GHSA-J4VQ-Q93M-4683 Keycloak has debug default bind address
A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...
Photon OS 5.0: Gdb PHSA-2025-5.0-0648
An update of the gdb package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0648. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid27671...
Duplicate Advisory: Keycloak allows Binding to an Unrestricted IP Address
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j4vq-q93m-4683. This link is maintained to preserve external references. Original Description A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to...
CVE-2025-11538
A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...
CVE-2025-11538 Keycloak-server: debug default bind address
A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...
CVE-2025-11538
Keycloak is affected by CVE-2025-11538 in versions prior to 26.4.4 where enabling debug mode (--debug) binds the JDWP port to all interfaces (0.0.0.0), exposing the debug port on the local network. This potentially allows a local-network attacker to attach a remote debugger and achieve remote cod...