PYSEC-2025-101

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

Couchbase Sync Gateway 安全漏洞

Couchbase Sync Gateway is a secure web gateway for data access and data synchronization over the web from Couchbase, Inc. A security vulnerability exists in Couchbase Sync Gateway versions prior to 3.2.6, which stems from logs containing plaintext passwords that could lead to information disclosu...

CVE-2025-52490

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

PT-2025-31263 · Couchbase · Couchbase Sync Gateway

Name of the Vulnerable Software and Affected Versions: Couchbase Sync Gateway versions prior to 3.2.6 Description: An issue was discovered where cleartext passwords were present in both redacted and unredacted output within the sgcollect info options.log and sync gateway.log files. Recommendation...

CVE-2025-52490

CVE-2025-52490 affects Couchbase Sync Gateway versions prior to 3.2.6. The issue arises from cleartext passwords appearing in redacted and unredacted output in sgcollect_info_options.log and sync_gateway.log, enabling potential information disclosure. The linked advisories indicate upgrading to a...

CVE-2025-52490

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

DEBIAN-CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

AZL-65723 CVE-2025-38409 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

AZL-73031 CVE-2025-38409 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

UBUNTU-CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

SUSE-SU-2025:02475-1 Security update 4.3.16 for Multi-Linux Manager Server

This update fixes the following issues: cobbler: - Prevent crash during Cobbler startup on NFS environments bsc1240666 - Synchronize cobbler add and sync actions bsc1233371 - Exclude disabled profiles from buildiso gen bsc1230908 grafana-formula: - Version 4.3.0: Added SUSE Linux Enterprise Serve...

CVE-2025-7699

An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows authenticated users to copy arbitrary files from the server file system into their own EZSync folder. The vulnerability is due to a lack of authorization checks on the file parameter of the HTTP request...

CVE-2025-7699

An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows authenticated users to copy arbitrary files from the server file system into their own EZSync folder. The vulnerability is due to a lack of authorization checks on the file parameter of the HTTP request...

CVE-2025-7699 An improper access control vulnerability was found in the EZ Sync Manager of ADM

An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows authenticated users to copy arbitrary files from the server file system into their own EZSync folder. The vulnerability is due to a lack of authorization checks on the file parameter of the HTTP request...

CVE-2025-7699

The CVE-2025-7699 issue affects ADM’s EZ Sync Manager. A lack of authorization checks on the HTTP file parameter allows authenticated users to copy arbitrary server files into their EZSync folder, potentially exposing sensitive data. Affected: ADM 4.1.0–4.3.3.RH61 and ADM 5.0.0.RIN1 and earlier. ...

CVE-2025-7699 An improper access control vulnerability was found in the EZ Sync Manager of ADM

An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows authenticated users to copy arbitrary files from the server file system into their own EZSync folder. The vulnerability is due to a lack of authorization checks on the file parameter of the HTTP request...

ASUSTOR ADM 安全漏洞

ASUSTOR ADM is a specialized operating system for all ASUSTOR NAS devices from China's Hua Yun Technology ASUSTOR. A security vulnerability exists in ASUSTOR ADM versions 4.1.0 through 4.3.3.RH61 and 5.0.0.RIN1 and earlier, which stems from improper access control of the EZ Sync Manager, and coul...

PT-2025-29718 · Adm · Adm

Name of the Vulnerable Software and Affected Versions: ADM versions 4.1.0 through 4.3.3.RH61 ADM version 5.0.0.RIN1 and earlier Description: An improper access control vulnerability exists in the EZ Sync Manager of ADM. Authenticated users can copy arbitrary files from the server file system into...

sound/virtio: Fix cancel_sync warnings on uninitialized work_structs

...

Microsoft Office Outlook Code Execution

This proof-of-concept exploit demonstrates a code execution vulnerability in Microsoft Outlook. It injects a crafted mail item into Outlook containing a malicious sync path that triggers an action during scanning...