Acer Updater Service code-related vulnerabilities

The Acer Updater Service is a software update tool provided by Acer, a company based in Taiwan, China. Version 1.2.3500.0 of the Acer Updater Service contains a code vulnerability. This vulnerability stems from an issue with the service path, where a service path without quotes was used, which ma...

Gearboxcomputers WifiHotSpot code-related vulnerabilities

Gearboxcomputers WifiHotSpot is a virtual router software developed by Gearboxcomputers. Version 1.0.0.0 of WifiHotSpot contains a code vulnerability. This vulnerability stems from the service path in WifiHotSpotService.exe that lacks quotation marks, which may lead to privilege escalation...

WordPress plugin Supreme Modules Lite 代码问题漏洞

WordPress Supreme Modules Lite plugin is a free extension plugin designed for Divi themes and DiviBuilder. WordPress Supreme Modules Lite plugin has a code issue vulnerability that stems from insufficient file type validation, which can be exploited by an attacker to cause arbitrary file uploads...

LLMs in Code Vulnerability Analysis: A Proof of Concept

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and accurately. Objective: This paper explores the incorporation of...

SAP Fiori App Intercompany Balance Reconciliation 代码问题漏洞

SAP Fiori App Intercompany Balance Reconciliation is a financial application from SAP, Germany. A code issue vulnerability exists in SAP Fiori App Intercompany Balance Reconciliation, which can be exploited by an attacker with elevated privileges to upload arbitrary files without proper file form...

MiracleLinux 9 : dotnet8.0-8.0.117-1.el9_6.ML.1 (AXSA:2025-10585:15)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10585:15 advisory. dotnet: .NET Remote Code Vulnerability CVE-2025-30399 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

Adobe Illustrator 代码问题漏洞

Adobe Illustrator is a suite of vector-based image creation software from the American company Audobee Adobe. A code issue vulnerability exists in Adobe Illustrator version 29.8.3, 30.0 and prior versions that originates from an untrusted search path and could lead to the execution of arbitrary...

HTC VIVE Runtime Service 代码问题漏洞

HTC VIVE Runtime Service is a core backend driver from HTC Corporation. A code issue vulnerability exists in HTC VIVE Runtime Service version 1.0.0.4, which stems from the service path being unquoted, and could lead to a local user executing arbitrary code and elevating system privileges...

Wondershare UBackit 代码问题漏洞

Wondershare UBackit is a computer data backup software from China's Wanxing Technology Wondershare. A code issue vulnerability exists in Wondershare UBackit version 2.0.5, which stems from an unquoted path to the wsbackup service, and could lead to the execution of arbitrary code and elevation of...

e107 代码问题漏洞

e107 is an open source, free and PHP and MySQL based Content Management System CMS from the E107 team. The system supports a variety of plug-ins and appearance themes, and can be used as a personal blog, discussion community, archive repository and so on. A code issue vulnerability exists in e107...

CVE-2023-50944

Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerability is considered low since it requires an authenticated user to exploit it. Users are recommended to upgrade to version...

CVE-2022-31287

An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp...

CVE-2020-12838

ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php...

CVE-2022-38715

A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

TOTOLINK WA1200 代码问题漏洞

TOTOLINK WA1200 is a high power wireless access point from China Gion Electronics TOTOLINK. A code issue vulnerability exists in the TOTOLINK WA1200 version 5.9c.2914, which stems from a null pointer dereference issue in the file cstecgi.cgi...

CVE-2025-1642

A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of the file /AGE0000700/GetImageMedico?fooId=1. The manipulation of the argument fooId leads to improper control of resource identifiers. The attack can be initiat...

ABB WebPro SNMP Card PowerValue和ABB WebPro SNMP Card PowerValue UL 代码问题漏洞

ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL are both remote web management systems from ABB Switzerland. A code issue vulnerability exists in ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL versions 1.1.8.K and earlier, which stems from improper...

ABB WebPro SNMP Card PowerValue和ABB WebPro SNMP Card PowerValue UL 代码问题漏洞

ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL are both remote web management systems from ABB Switzerland. A code issue vulnerability exists in ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL 1.1.8.K and prior versions, which stems from an inadequat...

An Empirical Evaluation of LLM-Based Approaches for Code Vulnerability Detection: RAG, SFT, and Dual-Agent Systems

The rapid advancement of Large Language Models LLMs presents new opportunities for automated software vulnerability detection, a crucial task in securing modern codebases. This paper presents a comparative study on the effectiveness of LLM-based techniques for detecting software vulnerabilities...

KZTech JT3500V 代码问题漏洞

The KZTech JT3500V is a wireless broadband router from KZTech USA. A code issue vulnerability exists in the KZTech JT3500V that stems from improper session management and could lead to an attacker reusing old session credentials...