GHSA-54J7-GRVR-9XWG Command Injection in adb-mcp MCP Server

Command Injection in adb-mcp MCP Server The MCP Server at https://github.com/srmorete/adb-mcp is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server is also published publicly to npm at...

CVE-2023-53403

In the Linux kernel, the following vulnerability has been resolved: time/debug: Fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

DEBIAN-CVE-2023-53403

In the Linux kernel, the following vulnerability has been resolved: time/debug: Fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

CVE-2023-53403 time/debug: Fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: time/debug: Fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the blkgiostatset structure not reinitializing the blkg and sync fields after being cleared in...

CVE-2025-57452

In realme BackupRestore app v15.1.122810c08250314, improper URI scheme handling in com.coloros.pc.PcToolMainActivity allows local attackers to cause a crash and potential XSS via crafted ADB intents...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the deletion of uninitialized timers, which could lead to debugging warnings and system instability...

GHSA-2GG8-85M5-8R2P Chaos Mesh's Chaos Controller Manager is Missing Authentication for Critical Function

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service...

CVE-2025-59358 Denial of Service via Unauthorized Access to Chaos Mesh debugging server

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service...

CVE-2025-59358

The CVE-2025-59358 entry is linked to Chaos Mesh: the Chaos Controller Manager exposes a GraphQL debugging server without authentication, reachable across the Kubernetes cluster. This misconfiguration permits an attacker to access an API capable of killing arbitrary processes in any pod, leading ...

CVE-2025-59358 Denial of Service via Unauthorized Access to Chaos Mesh debugging server

The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service...

Chaos Mesh 访问控制错误漏洞

Chaos Mesh is an open source cloud-native engineering platform from Chaos Mesh Open Source. Chaos Mesh suffers from an Access Control Error vulnerability that stems from an unauthenticated GraphQL debugging server being exposed to the entire Kubernetes cluster, potentially resulting in a...

pwntools

This is a CTF Capture The Flag framework and exploit development library. It is written in Python and provides a set of tools for developing and executing exploits. The library is designed to be extensible and customizable, allowing users to easily add new functionality and plugins. The library i...

pwntools

This is a CTF Capture The Flag framework and exploit development library. It is a Python library that provides a set of tools for developing exploits and performing penetration testing. The library is designed to be extensible and customizable, allowing users to easily add new features and plugin...

charlotte

This is a C++ shellcode launcher, fully undetected as of May 13th, 2021. It dynamically invokes Windows API functions, XOR encrypts shellcode and function names, and uses random XOR keys and variables per run. The code is designed to be stealthy and evade detection. The code is written in C++ and...

Linux Distros Unpatched Vulnerability : CVE-2023-21122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In various functions of various files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check...

NVIDIA NVDebug 路径遍历漏洞

NVIDIA NVDebug is a debugging and diagnostic tool from NVIDIA Corporation. NVIDIA NVDebug suffers from a path traversal vulnerability that originates from the ability to potentially cause a file to be written to a restricted component, which could lead to information disclosure, denial of service...

PT-2025-36971

Name of the Vulnerable Software and Affected Versions: NVIDIA NVDebug affected versions not specified Description: The NVIDIA NVDebug tool contains an issue that may allow an actor to write files to restricted components. A successful exploit of this issue may lead to information disclosure, deni...

CVE-2025-36899

There is a possible escalation of privilege due to test/debugging code left in a production build. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-58598

Insertion of Sensitive Information Into Debugging Code vulnerability in Klarna Klarna Order Management for WooCommerce klarna-order-management-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Klarna Order Management for WooCommerce: from n/a through = 1.9.8...