CVE-2025-30354 Bruno ignores Safe-Mode in Asserts expressions

Bruno is an open source IDE for exploring and testing APIs. A bug in the assertion runtime caused assert expressions to run in Developer Mode, even if Safe Mode was selected. The bug resulted in the sandbox settings to be ignored for the particular case where a single request is run/sent. This...

CVE-2025-1424 Privilege Escalation Through SUID Binary and Developer Mode

A privilege escalation vulnerability in PocketBook InkPad Color 3 allows attackers to escalate to root privileges if they gain physical access to the device. This issue affects InkPad Color 3 in version U743k3.6.8.3671...

PT-2025-25577 · Google · Chrome Os

Name of the Vulnerable Software and Affected Versions: Google ChromeOS version 16181.27.0 Description: The issue allows a local attacker to bypass permissions in Extension Management, enabling them to disable extensions and access Developer Mode. This can lead to the loading of additional...

Mozilla: Mozilla VPN Clients: RCE via file write and path traversal

The report describes a path traversal vulnerability in the Mozilla VPN client software that allowed for remote code execution. The vulnerability was found in the "livereload" command of the client's inspector feature, which could be accessed when the client was in developer mode with "Use Staging...

Apache Struts 2.0.0 < 2.3.18 RCE (S2-008)

The version of Apache Struts installed on the remote host is prior to 2.3.18. It is, therefore, affected by a vulnerability as referenced in the S2-008 advisory. - The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute...

Exploit for Special Element Injection in Google Android

!python-static-badgehttps://img.shields.io/badge/Python-blue?...

GHSA-VX97-8Q8Q-QGQ5 Mattermost's detailed error messages reveal the full file path

Mattermost versions 9.6.x = 9.6.0, 9.5.x = 9.5.2, 9.4.x = 9.4.4 and 8.1.x = 8.1.11 fail to remove detailed error messages in API requests even if the developer mode is off which allows an attacker to get information about the server such as the full path were files are stored...

First handset with MTE on the market

By Mark Brand, Google Project Zero Introduction It's finally time for me to fulfill a long-standing promise. Since I first heard about ARM's Memory Tagging Extensions, I've said to far too many people at this point to be able to back out… that I'd immediately switch to the first available device...

CVE-2023-30958 DOM XSS in Developer mode dashboard via redirect GET parameter

A security defect was identified in Foundry Frontend that enabled users to potentially conduct DOM XSS attacks if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.225.0...

CVE-2023-30955

A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This enabled users with insufficient privilege the ability to view and interact with Developer Mode settings in a limited capacity. A fi...

Authorization

A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This enabled users with insufficient privilege the ability to view and interact with Developer Mode settings in a limited capacity. A fi...

CVE-2023-30955

CVE-2023-30955 affects Palantir Foundry workspace-server prior to version 7.7.0, enabling a user to bypass an authorization check and view/interact with Developer Mode settings with insufficient privileges. The issue is resolved by upgrading to workspace-server 7.7.0 (fix deployed). Practical gui...

CVE-2023-30955 Foundry workspace-server Developer Mode Authorization Bypass

A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This enabled users with insufficient privilege the ability to view and interact with Developer Mode settings in a limited capacity. A fi...

CVE-2023-30955 Foundry workspace-server Developer Mode Authorization Bypass

A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This enabled users with insufficient privilege the ability to view and interact with Developer Mode settings in a limited capacity. A fi...

PT-2023-23084 · Foundry · Workspace-Server

Name of the Vulnerable Software and Affected Versions: Foundry workspace-server versions prior to 7.7.0 Description: A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This allowed users...

CVE-2023-21141

In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2023-21141

In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2023-21141

CVE-2023-21141 affects Android 11–13 and is linked to a permissions bypass that allows access to developer mode traces, enabling local information disclosure without additional execution privileges. The vulnerability is described as an information disclosure (ID) issue with local attack vector an...

CVE-2023-21141

In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

K25570584: Apache Struts vulnerability CVE-2012-0394

Security Advisory Description DISPUTED The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability...