Arqit Symmetric Key Agreement Platform 安全漏洞

The Arqit Symmetric Key Agreement Platform is a quantum-safe key negotiation platform developed by Arqit Corporation. Versions prior to 26.03 of the Arqit Symmetric Key Agreement Platform contained security vulnerabilities. These vulnerabilities stemmed from exposing the Keycloak management...

CVE-2025-69648

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debugrnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a...

UBUNTU-CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

PT-2026-23728

Name of the Vulnerable Software and Affected Versions Binutils versions prior to 2.46 Description An issue exists in Binutils where the objdump utility is susceptible to denial-of-service. This occurs when processing a specially crafted binary file containing malformed debug information. A flaw i...

CVE-2025-69646

Binutils objdump is affected by a denial-of-service due to a logic error in handling the DWARF debug_rnglists header. A crafted input file can trigger repeated warning messages and an unbounded logging loop, causing excessive CPU and I/O usage and preventing completion of the objdump analysis. Th...

CVE-2025-13494 SSP Debug <= 1.0.0 - Unauthenticated Sensitive Information Exposure

The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.0. This is due to the plugin storing PHP error logs in a predictable, web-accessible location wp-content/uploads/ssp-debug/ssp-debug.log without any access controls. This...

Vulnerability of the vmbus_connect() function in the drivers/hv/connection.c module – Microsoft Hyper-V guest mode support driver for Linux operating systems. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the vmbusconnect function in the drivers/hv/connection.c module – Microsoft’s Linux-based Hyper-V guest mode driver has a vulnerability that exposes confidential system information due to unprocessed debugging information. Exploitation of this vulnerability could allow an attacke...

The vulnerability of the web interface of Microprogramming Software for WI-Fi routers from Sharp allows a hacker to elevate their privileges and execute arbitrary commands.

The vulnerability of the web interface of Microprogramming Software-based Wi-Fi routers from Sharp is related to insufficient protection of operational data during code debugging. Exploiting this vulnerability can allow a remote attacker to enhance their privileges and execute arbitrary commands...

AMD Graphics Driver 安全漏洞

AMD Graphics Driver is an integrated graphics driver from UltraMicroelectronics AMD. A security vulnerability exists in AMD Graphics Driver, which stems from a hard-coded AES key that could cause a privileged attacker to gain access to the key, leading to the disclosure of internal debugging...

Alcatel-Lucent ALE NOE 安全漏洞

The Alcatel-Lucent ALE NOE is a desktop phone from Alcatel-Lucent. A security vulnerability exists in Alcatel-Lucent ALE NOE versions 86x8NOE-R300.1.40.07.4140, 86x8SIP-R200.1.01.10.728, which stems from improper privilege management and allows an authenticated attacker to create symbolic links t...

OTRS Log Information Disclosure Vulnerability

OTRS is an application from OTRS Germany. A service management software. A security vulnerability exists in OTRS that stems from the insertion of debugging information into a log file during the construction of a resilient search index allowing sensitive information to be read from it...

The vulnerability of Microsoft’s .NET Framework and .NET software platforms lies in the insufficient protection of operational data during code debugging, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft .NET Framework and .NET software platforms is related to insufficient protection of sensitive data during code debugging. Exploiting this vulnerability can allow attackers to execute arbitrary code...

WordPress plugin Translate WordPress with GTranslate 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Translate WordPress with GTranslate plugin version 2.9.9 is vulnerable to cross-site request forgery. The vulnerability...

Denial of service vulnerability in GNU binutils 'display_debug_ranges' function

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A denial of service vulnerability exis...

CVE-2015-7900

Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote attackers to obtain sensitive debugging information by entering a crafted URL to trigger an exception, and then visiting a certain status page...

Carrier IQ Says Bug Can Cause Some SMS to Be Recorded in Coded Form

Carrier IQ, the embattled software company at the center of the controversy over alleged data collection on mobile devices, has released a new document that details the ways in which carriers deploy the software, how it works on devices and what data it is capable of collecting. The company also...