EyouCMS code-related vulnerabilities
EyouCMS is an open-source content management system (CMS) developed by Eyou Corporation in China, based on ThinkPHP. Versions of EyouCMS 1.7.1/5.0 and earlier have code vulnerabilities. These vulnerabilities stem from incorrect handling of the viewfile parameter in the checkuserinfo function of the...
TMS code-related vulnerabilities
TMS is a channel-based team communication and collaboration tool with a lightweight task board, developed by Weicheng’s individual developers. Versions of TMS 2.28.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect handling of the parameter filename i...
Acer Updater Service code-related vulnerabilities
The Acer Updater Service is a software update tool provided by Acer, a company based in Taiwan, China. Version 1.2.3500.0 of the Acer Updater Service contains a code vulnerability. This vulnerability stems from an issue with the service path, where a service path without quotes was used, which ma...
Weird Solutions DHCP Broadband Code Issues and Vulnerabilities
Weird Solutions DHCP Broadband is an IP address management software developed by Weird Solutions Corporation. Version 4.1.0.1503 of Weird Solutions DHCP Broadband contains a code vulnerability caused by service configurations that include service paths without quotes, which may lead to privilege...
Gearboxcomputers WifiHotSpot code-related vulnerabilities
Gearboxcomputers WifiHotSpot is a virtual router software developed by Gearboxcomputers. Version 1.0.0.0 of WifiHotSpot contains a code vulnerability. This vulnerability stems from the service path in WifiHotSpotService.exe that lacks quotation marks, which may lead to privilege escalation...
WordPress plugin Supreme Modules Lite code issue vulnerability
The WordPress Supreme Modules Lite plugin is a free extension plugin designed for Divi themes and DiviBuilder. The plugin has a code issue vulnerability that stems from insufficient file type validation, which can be exploited by an attacker to cause arbitrary file uploads...
SAP Fiori App Intercompany Balance Reconciliation code issue vulnerability
SAP Fiori App Intercompany Balance Reconciliation is a financial application from SAP, Germany. A code issue vulnerability exists in SAP Fiori App Intercompany Balance Reconciliation, which can be exploited by an attacker with elevated privileges to upload arbitrary files without proper file form...
Adobe Illustrator code issue vulnerability
Adobe Illustrator is a suite of vector-based image creation software from the American company Adobe. A code issue vulnerability exists in Adobe Illustrator versions 29.8.3, 30.0 and prior versions that originates from an untrusted search path and could lead to the execution of arbitrary...
Wondershare UBackit code issue vulnerability
Wondershare UBackit is computer data backup software from China's Wondershare (Wanxing Technology). A code issue vulnerability exists in Wondershare UBackit version 2.0.5, which stems from an unquoted path to the wsbackup service, and could lead to the execution of arbitrary code and elevation of...
e107 code issue vulnerability
e107 is a free, open-source, PHP- and MySQL-based content management system (CMS) from the E107 team. The system supports a variety of plug-ins and appearance themes, and can be used as a personal blog, discussion community, archive repository and so on. A code issue vulnerability exists in e107...
HTC VIVE Runtime Service code issue vulnerability
HTC VIVE Runtime Service is a core backend driver from HTC Corporation. A code issue vulnerability exists in HTC VIVE Runtime Service version 1.0.0.4, which stems from the service path being unquoted, and could lead to a local user executing arbitrary code and elevating system privileges...
LLMs in Code Vulnerability Analysis: A Proof of Concept
Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and accurately. Objective: This paper explores the incorporation of...
MiracleLinux 9 : dotnet8.0-8.0.117-1.el9_6.ML.1 (AXSA:2025-10585:15)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10585:15 advisory. dotnet: .NET Remote Code Vulnerability (CVE-2025-30399). Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
CVE-2023-50944
Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerability is considered low since it requires an authenticated user to exploit it. Users are recommended to upgrade to version...
CVE-2022-31287
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp...
CVE-2020-12838
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php...
CVE-2022-38715
A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...
TOTOLINK WA1200 code issue vulnerability
TOTOLINK WA1200 is a high-power wireless access point from China's Gion Electronics (TOTOLINK). A code issue vulnerability exists in TOTOLINK WA1200 version 5.9c.2914, which stems from a null pointer dereference issue in the file cstecgi.cgi...
CVE-2025-1642
A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of the file /AGE0000700/GetImageMedico?fooId=1. The manipulation of the argument fooId leads to improper control of resource identifiers. The attack can be initiat...
ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL code issue vulnerability
ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL are both remote web management systems from ABB Switzerland. A code issue vulnerability exists in ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL versions 1.1.8.K and earlier, which stems from improper...