Lucene search
K

872 matches found

RedhatCVE
RedhatCVE
added 2025/12/19 3:16 p.m.6 views

CVE-2025-64468

There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...

8.5CVSS7.3AI score0.00132EPSS
Exploits0References1
OSV
OSV
added 2025/12/18 3:15 p.m.8 views

CVE-2025-64468

There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...

8.5CVSS6AI score0.00132EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 3:15 p.m.10 views

CVE-2025-64468

There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...

8.5CVSS0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 2:50 p.m.4 views

CVE-2025-64468 Use-after-Free in sentry!sentry_span_set_data() in NI LabVIEW

There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...

8.5CVSS6.9AI score0.00132EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 2:50 p.m.23 views

CVE-2025-64468

CVE-2025-64468 describes a use-after-free in NI LabVIEW’s sentry!sentry_span_set_data() when parsing a corrupted VI file. This could lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI file, and affects LabVIEW 2025 Q3 (25.3) and...

8.5CVSS6.9AI score0.00132EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/18 2:50 p.m.20 views

CVE-2025-64468 Use-after-Free in sentry!sentry_span_set_data() in NI LabVIEW

There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...

8.5CVSS0.00132EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.8 views

PT-2025-52242

Name of the Vulnerable Software and Affected Versions NI LabVIEW versions 2025 Q3 25.3 and prior Description A use-after-free issue exists in the sentry span set data function when processing a malformed VI file. Exploitation of this issue could lead to information disclosure or arbitrary code...

8.5CVSS6.9AI score0.00132EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/02 7:22 a.m.4 views

CVE-2025-65944

Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...

5CVSS6.5AI score0.00298EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 1:15 a.m.9 views

CVE-2025-65944

Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...

5CVSS0.00298EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/25 12:23 a.m.2 views

CVE-2025-65944 Sentry-Javascript deals with leaked sensitive headers when `sendDefaultPii` is set to `true`

Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...

5CVSS6.4AI score0.00298EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/25 12:23 a.m.12 views

CVE-2025-65944 Sentry-Javascript deals with leaked sensitive headers when `sendDefaultPii` is set to `true`

Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...

5CVSS0.00298EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/25 12:23 a.m.6 views

EUVD-2025-198990

Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...

5CVSS6.3AI score0.00298EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.5 views

PT-2025-47977

Sentry-Javascript is an official Sentry SDKs for JavaScript. From version 10.11.0 to before 10.27.0, when a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers...

5CVSS6.8AI score0.00298EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.6 views

Sentry 安全漏洞

Sentry is a developer-oriented bug tracking and performance monitoring platform from Sentry Open Source. A security vulnerability exists in Sentry versions 10.11.0 through prior to 10.27.0, which stems from the possibility of sending sensitive HTTP headers that could lead to elevated privileges...

5CVSS6.3AI score0.00298EPSS
Exploits0References4
Snyk
Snyk
added 2025/11/24 9:52 p.m.2 views

Insertion of Sensitive Information Into Sent Data

Overview @sentry/node-core is a Sentry Node-Core SDK Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication cookies, by viewing...

7.2CVSS6.9AI score0.00298EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/24 9:52 p.m.2 views

Insertion of Sensitive Information Into Sent Data

Overview @sentry/remix is an Official Sentry SDK for Remix Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication cookies, by...

7.2CVSS6.9AI score0.00298EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/24 9:52 p.m.2 views

Insertion of Sensitive Information Into Sent Data

Overview @sentry/nextjs is an Official Sentry SDK for Next.js Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication cookies, b...

7.2CVSS6.9AI score0.00298EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/24 9:52 p.m.1 views

Insertion of Sensitive Information Into Sent Data

Overview @sentry/nuxt is an Official Sentry SDK for Nuxt EXPERIMENTAL Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication...

7.2CVSS6.9AI score0.00298EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/24 9:52 p.m.2 views

Insertion of Sensitive Information Into Sent Data

Overview @sentry/cloudflare is an Official Sentry SDK for Cloudflare Workers and Pages Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as...

7.2CVSS6.9AI score0.00298EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/24 9:52 p.m.2 views

Insertion of Sensitive Information Into Sent Data

Overview @sentry/astro is an Official Sentry SDK for Astro Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the sendDefaultPii configuration option. An attacker can gain access to sensitive HTTP headers, such as authentication cookies, by...

7.2CVSS6.6AI score0.00298EPSS
Exploits0References2
Rows per page
Query Builder