PT-2026-38997

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In VFIO passthrough setups, it is possible to pass through only a Physical Function PF that does not own the source timer. In such configurations, the PTP controlling PF adapter-ctrl pf ...

CVE-2026-23082 can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error In commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak", the URB was re-anchored before usbsubmiturb in gsusbreceivebulkcallback ...

PYSEC-2025-101

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

PYSEC-2025-101

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

DEBIAN-CVE-2024-53202

In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...

CVE-2024-53202 firmware_loader: Fix possible resource leak in fw_log_firmware_info()

In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...

Elastic Enterprise Search Log Information Disclosure Vulnerability

Elastic Enterprise Search is an enterprise search tool from Dutch company Elastic. A security vulnerability exists in Elastic Enterprise Search versions 7.0.0 through 7.17.16 and 8.0.0 through 8.11.2, which stems from App Search's Documents API recording the original content of indexed documents ...

Couchbase Server 安全漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta, which stems from a fault...

CVE-2021-25645

An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6.6.x before 6.6.1. An internal user with administrator privileges, @nsserver, leaks credentials in cleartext in the cbcollectinfo.log, debug.log, nscouchdb.log, indexer.log, and stats.log files. NOTE:...

UBUNTU-CVE-2021-25284

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...

PYSEC-2021-53

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...

CVE-2021-25284

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...

Saltstack SaltStack Salt 安全漏洞

SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from the ability to log...

CVE-2020-7599

All versions of com.gradle.plugin-publish before 0.11.0 are vulnerable to Insertion of Sensitive Information into Log File. When a plugin author publishes a Gradle plugin while running Gradle with the --info log level flag, the Gradle Logger logs an AWS pre-signed URL. If this build log is public...