delve and golang security update

An update is available for delve, golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Delve is a debugger for the Go programming language. The goal of the...

mona

This is a repository for mona.py, a Python script used to automate and speed up specific searches while developing exploits, particularly for the Windows platform. Mona.py runs on Immunity Debugger and WinDBG, and requires Python 2.7. The script is designed to work with 32-bit processes, although...

Linux Distros Unpatched Vulnerability : CVE-2023-27734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue found in Eteran edb-debugger v.1.3.0 allows a local attacker to causea denial of service via the collectsymbols function in...

An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

...

CVE-2025-8597

MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access e.g. via a malicious application to attach a debugger, read or modify the process memory, inject code in the application's context despite...

CVE-2025-8597

MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access e.g. via a malicious application to attach a debugger, read or modify the process memory, inject code in the application's context despite...

CVE-2025-8700

Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access e.g. via a malicious application to attach a debugger, read or modify the process memory, inject code in the application's context...

CVE-2025-8700

Invoice Ninja on macOS is affected by a local privilege-escalation issue due to the presence of the entitlement com.apple.security.get-task-allow. This allows unprivileged local attackers (e.g., via a malicious app) to attach a debugger, read/modify process memory, and inject code within the app’...

CVE-2025-8700 Privilege Escalation via get-task-allow entitlement in Invoice Ninja

Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access e.g. via a malicious application to attach a debugger, read or modify the process memory, inject code in the application's context...

CVE-2025-8597 Privilege Escalation via get-task-allow entitlement in MacVim.app

MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access e.g. via a malicious application to attach a debugger, read or modify the process memory, inject code in the application's context despite...

CVE-2025-8597 Privilege Escalation via get-task-allow entitlement in MacVim.app

MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access e.g. via a malicious application to attach a debugger, read or modify the process memory, inject code in the application's context despite...

CVE-2025-8597

CVE-2025-8597 affects MacVim on macOS due to the presence of the entitlement com.apple.security.get-task-allow . This allows local unprivileged attackers (e.g., via a malicious application) to attach a debugger, read/modify the process memory, and inject code into the app’s context, even when sig...

PT-2025-34757 · Macvim · Macvim

Name of the Vulnerable Software and Affected Versions: MacVim affected versions not specified Description: MacVim’s configuration on macOS, specifically the presence of the “com.apple.security.get-task-allow” entitlement, allows local attackers with unprivileged access to attach a debugger, read ...

Linux Distros Unpatched Vulnerability : CVE-2017-18026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remo...

Linux Distros Unpatched Vulnerability : CVE-2017-2377

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the WebKit Web Inspector...

OESA-2025-2060 python-werkzeug security update

A comprehensive WSGI web application library Security Fixes: Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the...

Linux Distros Unpatched Vulnerability : CVE-2018-16081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a...

Linux Distros Unpatched Vulnerability : CVE-2018-6140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to instal...

CVE-2025-7353

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

OESA-2025-1998 python-werkzeug security update

A comprehensive WSGI web application library Security Fixes: Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal...