1439 matches found
EUVD-2025-179453
Malicious code in csv-envconfig-achernar-stratigraphy npm...
CVE-2025-12924 rymcu forest BankController.java GlobalResult authorization
A vulnerability was identified in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. This issue affects the function GlobalResult of the file src/main/java/com/rymcu/forest/web/api/bank/BankController.java. The manipulation leads to missing authorization. The attack may be initiated...
Arbitrary Code Execution
@anthropic-ai/claude-code is vulnerable to Arbitrary Code Execution. The vulnerability is due to the automatic execution of Yarn plugins when running yarn --version, which allows an attacker to bypass the directory trust dialog and execute code before the user confirms trust in the directory...
Cisco Unified Contact Center Express 代码问题漏洞
Cisco Unified Contact Center Express Unified CCX is a customer relationship management component of a unified communications solution from Cisco. The component supports features such as self-service voice, call distribution, and customer access control. A security vulnerability exists in Cisco...
Specification-Guided Vulnerability Detection with Large Language Models
Large language models LLMs have achieved remarkable progress in code understanding tasks. However, they demonstrate limited performance in vulnerability detection and struggle to distinguish vulnerable code from patched code. We argue that LLMs lack understanding of security specifications -- the...
On Selecting Few-Shot Examples for LLM-Based Code Vulnerability Detection
Large language models LLMs have demonstrated impressive capabilities for many coding tasks, including summarization, translation, completion, and code generation. However, detecting code vulnerabilities remains a challenging task for LLMs. An effective way to improve LLM performance is in-context...
CVE-2025-64216
CVE-2025-64216 is a Local File Inclusion vulnerability in WordPress theme SmartMag (versions
Yonyou U8 Cloud 代码问题漏洞
Yonyou U8 Cloud is a cloud-based enterprise management system from China's UFIDA Yonyou Corporation. A code issue vulnerability exists in Yonyou U8 Cloud 5.1sp and earlier versions, which stems from incorrect manipulation of the parameter ts/sign in the file/service/NCloudGatewayServlet, which...
CVE-2025-12224 Iqbolshoh php-business-website contact.php cross site scripting
A flaw has been found in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. The attack may be initiated remotely. The exploit h...
Kamailio 代码问题漏洞
Kamailio is an open source implementation of a SIP signaling server from Kamailio Open Source. A code issue vulnerability exists in Kamailio version 5.5, which stems from a null pointer dereference in the function yyerrorat in the file src/core/cfg.y, which could lead to a local attack...
Windows BitLocker Security Feature Bypass Vulnerability
Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
SAP Supplier Relationship Management 代码问题漏洞
SAP Supplier Relationship Management SRM is a supplier relationship management solution from SAP, Germany. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides functionality such as invoicing. A code issue vulnerability exists in SA...
Microsoft Windows DirectX 代码问题漏洞
Microsoft Windows DirectX is a DirectX end-user runtime Web installer from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Windows DirectX, which can be exploited by an attacker to cause a denial of service on a system...
EUVD-2016-8868
Malware in sbrugna...
EUVD-2019-17659
Malware in sbrugna...
EUVD-2017-14297
Malware in sbrugna...
EUVD-2019-5583
Malware in sbrugna...
EUVD-2019-4810
Malware in sbrugna...
EUVD-2021-24925
Malware in sbrugna...
EUVD-2019-4904
Malware in sbrugna...