CVE-2022-0721

Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...

CVE-2020-12493

An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices...

CVE-2025-21666

In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsockhasdata|hasspace Recent reports have shown how we sometimes call vsockhasdata when a vsock socket has been de-assigned from a transport see attached links, but we shouldn't. Previous commits...

SUSE-SU-2025:0279-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Upgrade to upstream tag jdk-21.0.6+7 January 2025 CPU Security fixes: - CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: - JDK-6942632: Hotspot should be able to use more than 64 logical processors on Windows...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a DMA debugging module that may cause a deadlock when holding radixlock...

PT-2025-52664

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.111 Description The Linux kernel contains a data race condition within the do raw write lock function, specifically related to spinlock debugging. Kernel Concurrency Sanitizer KCSAN has identified a race...

CVE-2024-56588

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Create all dump files during debugfs initialization For the current debugfs of hisisas, after user triggers dump, the driver allocate memory space to save the register information and create debugfs files to displa...

PT-2024-10860 · Applock · Applock

Name of the Vulnerable Software and Affected Versions: Smartphones affected versions not specified Description: The system has a logic judging error under certain scenarios, allowing an attacker to gain certain information from apps locked by Applock if they obtain permission to execute commands ...

Sharp SH-05L、SH-52B、SH-54C和HR02 安全漏洞

The Sharp HR02 and others are products of Sharp Corporation of Japan.The Sharp HR02 is a home router.The Sharp SH-52B is a wireless LAN connectivity station.The Sharp SH-54C is a wireless LAN connectivity station. A security vulnerability exists in the Sharp SH-05L, SH-52B, SH-54C, and HR02 that...

[SECURITY] Fedora 41 Update: retsnoop-0.10.1-3.fc41

retsnoop is BPF-based tool that is meant to help debugging kernel issues. It allows to capture call stacks of kernel functions that return errors NULL or -Exxx and emits every such detected call stack, along with the captured results...

[SECURITY] Fedora 40 Update: retsnoop-0.10.1-3.fc40

retsnoop is BPF-based tool that is meant to help debugging kernel issues. It allows to capture call stacks of kernel functions that return errors NULL or -Exxx and emits every such detected call stack, along with the captured results...

Exploit for Special Element Injection in Google Android

CVE-2024-0044- CVE-2024-0044: a "run-as any app" high-severity...

CVE-2023-49194

Insertion of Sensitive Information Into Debugging Code vulnerability in importify Importify Dropshipping WooCommerce importify allows Retrieve Embedded Sensitive Data.This issue affects Importify Dropshipping WooCommerce: from n/a through = 1.0.4...

CVE-2023-49194 WordPress Importify (Dropshipping WooCommerce) plugin <= 1.0.4 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Debugging Code vulnerability in importify Importify Dropshipping WooCommerce importify allows Retrieve Embedded Sensitive Data.This issue affects Importify Dropshipping WooCommerce: from n/a through = 1.0.4...

CVE-2023-49194 WordPress Importify (Dropshipping WooCommerce) plugin <= 1.0.4 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Debugging Code vulnerability in importify Importify Dropshipping WooCommerce importify allows Retrieve Embedded Sensitive Data.This issue affects Importify Dropshipping WooCommerce: from n/a through = 1.0.4...

PT-2024-13691 · Woocommerce · Importify

Name of the Vulnerable Software and Affected Versions: Importify Dropshipping WooCommerce versions 1.0.0 through 1.0.4 Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into debugging code. Recommendations: For versions 1.0.0...

CVE-2024-53100

CVE-2024-53100: Linux kernel nvme-tcp fix for a race between queue_lock usage in nvme_tcp_get_address() and destruction in nvme_tcp_free_queue(). The commit 76d54bf20cdc adds a mutex_lock for queue-&gt;queue_lock, but this can race with mutex_destroy(), triggering a WARN during error recovery. A ...

CVE-2024-52811 Acks not validated before logged to qlog leads to buffer overflow in ngtcp2

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In ngtcp2conn::connrecvpkt for an ACK, there was new logic that got added to skip connrecvack if an ack has already been...

CVE-2024-52811

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In ngtcp2conn::connrecvpkt for an ACK, there was new logic that got added to skip connrecvack if an ack has already been...

CVE-2024-52811 Acks not validated before logged to qlog leads to buffer overflow in ngtcp2

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In ngtcp2conn::connrecvpkt for an ACK, there was new logic that got added to skip connrecvack if an ack has already been...