Siemens多款产品 代码问题漏洞

Siemens SIMOTION SCOUT TIA and others are products of Siemens, Germany.Siemens SIMOTION SCOUT TIA is a high-end motion control system.Siemens SIMOTION SCOUT is a high-end motion control system.Siemens SINAMICS STARTER is a drive debugging tool software. A code issue vulnerability exists in severa...

Siemens多款产品 代码问题漏洞

Siemens Automation License Manager is a license manager for Siemens products from Siemens Germany. A code issue vulnerability exists in various Siemens products that stems from susceptibility to DLL hijacking attacks, which could lead to the execution of arbitrary code...

agora 代码问题漏洞

agora is a cloud-based learning and research platform open-sourced by the Agora Foundation. A code issue vulnerability exists in versions prior to agora fall23-Alpha1 690ce56, which stems from a user controller allowing non-standard image formats leading to cross-site scripting attacks...

Microsoft Azure Open AI 代码问题漏洞

Microsoft Azure Open AI is an artificial intelligence service from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Azure Open AI. An attacker can elevate privileges by exploiting the vulnerability...

SATO CL4/6NX Plus和SATO CL4/6NX-J Plus 代码问题漏洞

SATO CL4/6NX Plus and SATO CL4/6NX-J Plus are both series of smart industrial label printers from SATO Japan. A code issue vulnerability exists in the SATO CL4/6NX Plus and SATO CL4/6NX-J Plus versions prior to 1.15.5-r1, which stems from the fact that uploading a specially crafted hazardous file...

CVE-2025-54795

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

CVE-2025-8330

A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit1.php. The manipulation of the argument sno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...

CVE-2025-8438 code-projects Wazifa System postpublish.php sql injection

A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpublish.php. The manipulation of the argument post leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed...

CVE-2025-4424

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...

CVE-2025-8330 code-projects Vehicle Management edit1.php sql injection

A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit1.php. The manipulation of the argument sno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...

Ventem e-School 代码问题漏洞

Ventem e-School is a smart school platform from Feiyu Hi-Tech Ventem of Taiwan, China. A code issue vulnerability exists in Ventem e-School, which originates from the arbitrary file upload feature and could lead to remote code execution...

PT-2025-31364 · Insyde · Insydeh2O

Name of the Vulnerable Software and Affected Versions: Lenovo devices running InsydeH2O firmware affected versions not specified Description: A high-severity flaw exists in Lenovo devices running InsydeH2O firmware. Local attackers with privileges can exploit a buffer flaw to escalate access...

.NET 8.0 security update

An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

.NET 9.0 security update

An update is available for dotnet9.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

RLSA-2025:8815 Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Securi...

RLSA-2025:8812 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.117 and .NET Runtime...

PT-2025-31292 · Apple · Macos Sonoma 14.7.7 +2

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6 macOS versions prior to Sonoma 14.7.7 Description: An application may be able to access protected user data due to vulnerable code. This issue was addressed by removing the vulnerable code. Recommendations...

µD3TN 代码问题漏洞

µD3TN is a free, lean and space-tested implementation of the DTN protocol for POSIX and microcontrollers from the D3TN open source. A code issue vulnerability exists in µD3TN that stems from a non-singleton target endpoint identifier resulting in a null pointer dereference, which could result in ...

Thinkgem JeeSite 代码问题漏洞

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Joyuan Thinkgem company . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view manipulation components , workflo...

DSpace 代码问题漏洞

DSpace is an open source turnkey repository application from the DuraSpace community. A code issue vulnerability exists in DSpace versions prior to 7.6.4, prior to 8.2, and prior to 9.1, which stems from XML external entity injection and could lead to the disclosure of sensitive information...