71 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN to devwarnratelimited in rcarpciewakeup Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is in need of maintenance, or t...
CVE-2025-59098 Trace Functionality Leaking Sensitive Data in dormakaba access manager
The Access Manager is offering a trace functionality to debug errors and issues with the device. The trace functionality is implemented as a simple TCP socket. A tool called TraceClient.exe, provided by dormakaba via the Access Manager web interface, is used to connect to the socket and receive...
PT-2026-4748
The Access Manager is offering a trace functionality to debug errors and issues with the device. The trace functionality is implemented as a simple TCP socket. A tool called TraceClient.exe, provided by dormakaba via the Access Manager web interface, is used to connect to the socket and receive...
EUVD-2024-3408
Malicious code in bioql PyPI...
linux-smart-enumeration
First, a couple of useful oneliners ; console wget "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -O lse.sh;chmod 700 lse.sh console curl "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -Lo lse.sh;chmod 700...
CVE-2022-29177
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that...
event-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activation with verbosity set to debug in EDA
A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams...
event-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activation with verbosity set to debug in EDA
A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams...
CVE-2025-2877 Event-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activation with verbosity set to debug in eda
A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams...
CVE-2025-2877 Event-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activation with verbosity set to debug in eda
A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams...
CVE-2025-2877
Summary: CVE-2025-2877 concerns Red Hat Ansible Automation Platform’s Event-Driven Ansible where, in configurations with verbosity set to debug, inventory passwords are exposed in plain text during rulebook activations and related Event Streams. Affected scope (from connected docs): Red Hat Ansib...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check cfglogverbose before calling lpfcdmpdbg, which causes the system to hang...
CVE-2024-20440
A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected...
Exploit for Unprotected Alternate Channel in Rockwellautomation Allen-Bradley_Stratix_5200_Firmware
CVE-2023-20198 Exploit PoC for CVE-2023-20198 Description...
CVE-2024-43876
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN to devwarnratelimited in rcarpciewakeup Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is in need of maintenance, or t...
CVE-2024-43876
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN to devwarnratelimited in rcarpciewakeup Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is in need of maintenance, or t...
PT-2024-21320 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.2.0 through 7.4.3.25 Liferay DXP 7.4 before update 26 Liferay DXP 7.3 before update 5 Liferay DXP 7.2 before fix pack 19 Description: The default value of the portal property http.header.version.verbosity is set to...
SUSE CVE-2020-8563
In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects v1.19.3...
Exploit for Argument Injection in Atlassian Bitbucket
CVE-2022-36804-PoC Multithreaded exploit script for CVE-2022-3...
CVE-2022-20914 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
A vulnerability in the External RESTful Services ERS API of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to excessive verbosity in a specific REST API output. An attacker could exploit this...