CVE-2025-13160

IQ-Support developed by IQ Service International has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to access specific APIs to obtain sensitive information from the internal network...

EUVD-2025-180549

IQ-Support developed by IQ Service International has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to access specific APIs to obtain sensitive information from the internal network...

CVE-2025-13160 IQ Service International｜IQ-Support - Exposure of Sensitive Information

IQ-Support developed by IQ Service International has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to access specific APIs to obtain sensitive information from the internal network...

Duplicate Advisory: Keycloak allows Binding to an Unrestricted IP Address

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j4vq-q93m-4683. This link is maintained to preserve external references. Original Description A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to...

GHSA-7M9G-PMXF-M9M8 Duplicate Advisory: Keycloak allows Binding to an Unrestricted IP Address

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j4vq-q93m-4683. This link is maintained to preserve external references. Original Description A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to...

keycloak-server: Debug default bind address

A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...

CVE-2025-11538

A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...

CVE-2025-11538

Keycloak is affected by CVE-2025-11538 in versions prior to 26.4.4 where enabling debug mode (--debug) binds the JDWP port to all interfaces (0.0.0.0), exposing the debug port on the local network. This potentially allows a local-network attacker to attach a remote debugger and achieve remote cod...

CVE-2025-11538 Keycloak-server: debug default bind address

A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...

CVE-2025-11538

A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...

Red Hat build of Keycloak 安全漏洞

Red Hat build of Keycloak is a web application for single sign-on from Red Hat, Inc. A security vulnerability exists in Red Hat build of Keycloak version 26.4 that stems from debug mode insecurely binding the JDWP port to all network interfaces, which could lead to remote code execution...

PT-2025-46862

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A security issue exists in Keycloak where enabling debug mode with the --debug flag insecurely binds the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes th...

CVE-2025-63667

Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10-20240725 allows attackers to access sensitive API endpoints without authentication...

PT-2025-46693

Name of the Vulnerable Software and Affected Versions IBM OpenPages versions 9.0 through 9.1 Description IBM OpenPages versions 9.0 and 9.1 have a security issue that could lead to the disclosure of sensitive information. This is due to insufficient security measures on certain REST API endpoints...

Vatilon IP camera 安全漏洞

Vatilon IP camera is a series of IP cameras from China-based Vatilon Vatilon. A security vulnerability exists in Vatilon IP camera that stems from improper access control and could lead to unauthorized access to sensitive API endpoints...

Moderate: Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.7 security update

The multicluster engine for Kubernetes 2.7 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.7 images The multicluster engine for Kubernetes provides the foundational components that are...

[SECURITY] Fedora 42 Update: libnbd-1.22.5-1.fc42

NBD =E2=80=94 Network Block Device =E2=80=94 is a protocol for accessing Bloc k Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and asynchronous APIs, both for ease of...

CVE-2025-64173 Apollo Router Core: Access Control Bypass on Polymorphic Types

Apollo Router Core is a configurable graph router written in Rust to run a federated supergraph using Apollo Federation 2. In versions 1.61.11 below, as well as 2.0.0-alpha.0 through 2.8.1-rc.0, a vulnerability allowed for unauthenticated queries to access data that required additional access...

[SECURITY] Fedora 42 Update: qt5-qtgraphicaleffects-5.15.18-1.fc42

The Qt Graphical Effects module provides a set of QML types for adding visually impressive and configurable effects to user interfaces. Effects are visual items that can be added to Qt Quick user interface as UI components...

[SECURITY] Fedora 42 Update: qt5-qtquickcontrols-5.15.18-1.fc42

The Qt Quick Controls module provides a set of controls that can be used to build complete interfaces in Qt Quick...