286 matches found
Microsoft Windows Ancillary Function Driver for WinSock Code Issue Vulnerability
The Microsoft Windows Ancillary Function Driver for WinSock is an accessibility driver for Winsock from Microsoft Corporation. There are code-related vulnerabilities in the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit these vulnerabilities to gain elevated...
Mobatek MobaXterm Code Issue Vulnerability
Mobatek MobaXterm is a terminal software package developed by the French company Mobatek. It integrates an enhanced terminal, an X server, and a Unix command set GNU/Cygwin. Versions of Mobatek MobaXterm prior to version 26.1 contained code vulnerabilities. These vulnerabilities stemmed from...
Backstage Code Issue Vulnerability
Backstage is an open-source application developed by Backstage. It serves as an open platform for building developer portals. Versions of Backstage prior to 1.14.3 contained code-related vulnerabilities. These vulnerabilities stemmed from defects in the configuration allowlist, which could allow...
Wallos Code Issue Vulnerability
Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.6.2 had code vulnerabilities, as the url parameters could be used to access local system files...
pinchtab Code Issue Vulnerability
Pinchtab is an open-source AI proxy browser control tool developed by Pinchtab. Versions of Pinchtab prior to 0.7.7 contained code vulnerabilities. These vulnerabilities stemmed from the download endpoint’s server-side request forgery, which could allow the server to make requests to arbitrary...
Tencent WeKnora Code Issue Vulnerability
Tencent WeKnora is an LLM-based framework developed by Tencent China. It features deep document understanding using the RAG paradigm, semantic retrieval, and context-aware answers. Versions of Tencent WeKnora prior to 0.3.0 contained code vulnerabilities. These vulnerabilities were caused by a DNS...
Sliver Code Issue Vulnerability
Sliver is an open-source, cross-platform adversary simulation/red team framework developed by Bishop Fox. It can be used by organizations of various sizes for security testing. Versions of Sliver prior to 1.7.3 have code vulnerabilities; these vulnerabilities stem from Protobuf deserialization log...
Acronis Cyber Protect Cloud Agent Code Issue Vulnerability
Acronis Cyber Protect Cloud Agent is a cloud agent developed by the Swiss company Acronis. Versions of Acronis Cyber Protect Cloud Agent prior to build 41124 contained code-related vulnerabilities. These vulnerabilities were caused by DLL hijacking, which could lead to an increase in local...
WWBN AVideo Code Issue Vulnerability
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 24.0 contained code vulnerabilities. These vulnerabilities stemmed from insufficient validation in the plugin upload/import function, allowing authenticated administrators to...
OpenClaw Code Issue Vulnerability
OpenClaw is an open-source artificial intelligence assistant. Versions of OpenClaw prior to 2026.2.14 had code-related vulnerabilities. These vulnerabilities stemmed from insufficient constraints on the hook module paths configured by the gateway, allowing attackers with access to modify the gatew...
Twenty CRM Code Issue Vulnerability
Twenty CRM is an open-source customer relationship management system developed by Twenty. Versions of Twenty CRM prior to version 1.18 contained code vulnerabilities. These vulnerabilities stemmed from an SSRF protection mechanism that did not validate redirect targets, allowing authenticated use...
Dell PowerScale OneFS Code Issue Vulnerability
Dell PowerScale OneFS is an operating system developed by the American company Dell. It provides a horizontally scalable NAS solution through the PowerScale OneFS operating system. Versions of Dell PowerScale OneFS prior to 9.10.1.6, as well as versions 9.11.0.0 to 9.12.0.1, have code...
Dell Device Management Agent Code Issue Vulnerability
Dell Device Management Agent is a terminal device management program developed by the American company Dell. Versions of the Dell Device Management Agent prior to 26.02 contained code vulnerabilities. These vulnerabilities stemmed from improper checks for exceptions or special situations, which...
openbabel Code Issue Vulnerability
OpenBabel is an open-source chemistry toolkit software developed by Open Babel. Versions of OpenBabel 3.1.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from a null pointer dereference in the OBAtom::GetExplicitValence function in the isrc/atom.cpp file, which could...
ZimaOS Code Issue Vulnerability
ZimaOS is an open-source operating system project by IceWhaleTech, aimed at providing a lightweight, high-performance, and secure operating system environment. ZimaOS versions 1.5.0 and earlier have code vulnerabilities; these vulnerabilities stem from insufficient validation or restrictions on...
EV2GO Code Issue Vulnerability
EV2GO is an electric vehicle charging facility management platform developed by the Russian company EV2GO. EV2GO has code-related vulnerabilities; these vulnerabilities stem from the predictable WebSocket backend session identifiers, which allow multiple endpoints to use the same session identifie...
Manyfold Code Issue Vulnerability
Manyfold is a self-hosted web application developed by Manyfold OpenSource. Versions of Manyfold prior to 0.133.0 had code-related vulnerabilities; these vulnerabilities were caused by cookie leaks in the proxy cache, which could lead to session hijacking...
gvfs Code Issue Vulnerability
GVfs is a virtual file system developed under the Gnome open-source project. GVfs has code vulnerabilities that stem from the unconditional trust placed in information within the passive mode response by clients. This vulnerability could allow malicious servers to detect open ports on the client’...
Packistry Code Issue Vulnerability
Packistry is an open-source, self-hosted Composer repository developed by Packistry. Versions of Packistry prior to 0.13.0 had code-related vulnerabilities. These vulnerabilities stemmed from the lack of enforcement of token expiration checks, which could lead to unauthorized access...
Vikunja Code Issue Vulnerability
Vikunja is an open-source to-do application developed by Vikunja developers. Versions of Vikunja prior to 2.0.0 had code vulnerabilities. These vulnerabilities stemmed from allowing the setting of weak passwords, where user-changed passwords still allowed active sessions to remain valid,...