Zyxel VMG3625-T50B和Zyxel WX3100-T0 代码问题漏洞

Both Zyxel VMG3625-T50B and Zyxel WX3100-T0 are products of the Chinese company Zyxel. Zyxel VMG3625-T50B is a Wi-Fi device. Zyxel WX3100-T0 is a wireless bridge. There are code vulnerabilities in versions of Zyxel VMG3625-T50B 5.50ABPM.9.6C0 and earlier, as well as Zyxel WX3100-T0 5.50ABVL.4.8C0...

FastAPI Admin 代码问题漏洞

FastAPI Admin is an open-source management dashboard based on FastAPI and TortoiseORM. Versions of FastAPI Admin 2.2.0 and earlier have code vulnerabilities. These vulnerabilities stem from improper handling of the uploadcontroller function in the...

Datapizza AI 代码问题漏洞

Datapizza AI is an open-source development framework for intelligent agents by Datapizza. Version 0.0.2 of Datapizza AI contains code vulnerabilities. These vulnerabilities stem from incorrect operations on the function RedisCache in the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.p...

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

Artificial intelligence AI company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user's software codebase for vulnerabilities and suggest patches. The capability, called Claude Code Security , is currently available in a limited research preview to...

OpenSift 代码问题漏洞

OpenSift is an open-source artificial intelligence learning assistant developed by OpenSift. Versions of OpenSift 1.1.2-alpha and earlier contained code vulnerabilities. These vulnerabilities stemmed from overly permissive server-side access behaviors allowed by URL ingestion, which could lead to...

WordPress plugin Oxygen 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Music Assistant 代码问题漏洞

Music Assistant is an open-source media library manager developed by Music Assistant. Versions of Music Assistant 2.6.3 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the music/playlists/update API, which allowed bypassing the .m3u extension restriction and allowin...

WordPress plugin Bravis Addons 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

WorldQuant Alpha Generator 代码问题漏洞

WorldQuant Alpha Generator is a mining software developed by zhutoutoutousan. Versions of WorldQuant Alpha Generator 1.0.9 and earlier have code vulnerabilities. These vulnerabilities stem from incorrect operations with the parameter makerequest in the file...

pfSense 代码问题漏洞

pfSense is a network firewall based on FreeBSD Linux. pfSense has code-related vulnerabilities, which stem from defects in the code, potentially leading to execution of unauthorized code...

IBM Watsonx.data 代码问题漏洞

IBM Watsonx.data is an open data lake platform developed by IBM. There were code vulnerabilities in versions 2.2 to 2.2.1 of IBM Watsonx.data. These vulnerabilities allowed privileged users to upload malicious files and execute them on the server, potentially leading to modifications to files or...

Tandoor Recipes 代码问题漏洞

Tandoor Recipes is an open-source application designed for managing recipes, planning meals, creating shopping lists, and more. Versions of Tandoor Recipes prior to 2.5.1 had code vulnerabilities. These vulnerabilities stemmed from the Cookmate recipe import feature not verifying the target URL...

NTN Smart Panel 代码问题漏洞

NTN Smart Panel is a software for insurance business operations developed by the Turkish company NTN. Versions of NTN Smart Panel prior to 20251215 had code-related vulnerabilities. These vulnerabilities stemmed from unlimited upload of dangerous types of files, which could lead to access to...

Manga/Image Translator 代码问题漏洞

Manga/Image Translator is a text-to-image translation tool developed by zyddnys’ individual developers. Beta versions of Manga/Image Translator, such as 0.3 and earlier, had code vulnerabilities. These vulnerabilities stemmed from the use of pickle.loads to deserialize request bodies controlled b...

Flowring Agentflow 代码问题漏洞

Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. There are code-related vulnerabilities in Flowring Agentflow. These vulnerabilities stem from arbitrary file uploads, which may allow authenticated remote attackers to upload and execu...

Intel Optane PMem management software 代码问题漏洞

Intel Optane PMem management software is a persistent memory management software developed by Intel Corporation. Previous versions of Intel Optane PMem management software, such as CRMGMT02.00.00.4052 and CRMGMT03.00.00.0538, contained code vulnerabilities due to improper conditional checks, whic...

Intel NPU Drivers 代码问题漏洞

Intel NPU Drivers are driver programs for Intel’s Neural Network Processing Units. There are code vulnerabilities in Intel NPU Drivers, which stem from improper firmware conditional checks, potentially leading to privilege escalation...

Adobe Substance3D Designer 代码问题漏洞

Adobe Substance3D Designer is a texture and material creation software developed by Adobe Inc. Versions of Adobe Substance3D Designer 15.1.0 and earlier have code vulnerabilities that stem from null pointer dereferencing, which may lead to denial-of-service attacks...

Microsoft Windows Storage 代码问题漏洞

Microsoft Windows Storage is a data storage solution provided by the American company Microsoft. There are code-related vulnerabilities in Microsoft Windows Storage. Attackers can exploit these vulnerabilities to gain elevated privileges. The following products and versions are affected: Windows ...

Siemens SINEC NMS 代码问题漏洞

Siemens SINEC NMS is a network management system developed by Siemens in Germany. This system can be used for round-the-clock centralized monitoring, management, and configuration of industrial networks containing tens of thousands of devices, including those related to security applications...