29 matches found
Microsoft Power Apps code issue vulnerability
Microsoft Power Apps is a low-code development platform provided by Microsoft Corporation in the United States. It aims to help users easily build custom enterprise-level applications. There are code-related vulnerabilities in Microsoft Power Apps. These vulnerabilities stem from uncontrolled...
CVE-2026-22561
Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling arbitrary code...
CVE-2026-22561
CVE-2026-22561 concerns Anthropic Claude for Windows installer (Claude Setup.exe). The vulnerability arises from Uncontrolled search path elements, where the installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling local privilege escalation via DLL search-ord...
Claude Code security vulnerability
Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 1.1.3363 contained a security vulnerability, which was caused by uncontrolled search path elements, potentially leading to local privilege escalation...
Dell PowerScale OneFS code issue vulnerability
Dell PowerScale OneFS is an operating system developed by the American company Dell. It provides a horizontally scalable NAS solution through the PowerScale OneFS operating system. Versions of Dell PowerScale OneFS prior to 9.10.1.6, as well as versions 9.11.0.0 to 9.12.0.1, have code...
Dell Command | Intel vPro Out of Band code issue vulnerability
Dell Command | Intel vPro Out of Band is an application developed by the American company Dell that provides out-of-band management solutions. It allows for remote management of client systems, regardless of the system’s power state. Versions of Dell Command | Intel vPro Out of Band prior to...
PT-2026-20861
Name of the Vulnerable Software and Affected Versions: TensorFlow (affected versions not specified). Description: A flaw exists in TensorFlow due to insecure handling of plugins, allowing local attackers to potentially escalate privileges on affected systems. An attacker must first have the ability to...
IBM Db2 code-related vulnerabilities
IBM Db2 is a relational database management system developed by IBM. The system can run on various operating systems such as UNIX, Linux, IBMi, z/OS, and Windows server versions. Versions 12.1.0 to 12.1.3 of IBM Db2 contain code vulnerabilities. These vulnerabilities stem from search path element...
Altera Quartus Prime Standard and Altera Quartus Prime Lite security vulnerability
Altera Quartus Prime Standard and Altera Quartus Prime Lite are FPGA design software from Altera Corporation. A security vulnerability exists in Altera Quartus Prime Standard and Altera Quartus Prime Lite that stems from the presence of uncontrolled search path elements in the Windows installer,...
Information Exposure
Overview: Affected versions of this package are vulnerable to Information Exposure over the /static endpoint. An attacker can determine the existence of internal path components by sending requests to probe for absolute path elements. Remediation: Upgrade aiohttp to version 3.13.3 or higher...
EUVD-2019-10351
Malware in sbrugna...
EUVD-2022-53402
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-21742
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB. Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...
UBUNTU-CVE-2025-21741
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read. Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header...
Intel Server M50FCP code issue vulnerability
Intel Server M50FCP is a server from Intel Corporation USA. A code issue vulnerability exists in Intel Server M50FCP that stems from the presence of uncontrolled search path elements that could allow a privileged user to elevate privileges via local access...
SolarWinds Platform code issue vulnerability
SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. A code issue vulnerability exists in SolarWinds Platform versions 2024.2.1 and earlier, which stems from vulnerability to an uncontrolled local elevation of privilege...
Intel® oneAPI Toolkits Advisory
Summary: Potential security vulnerabilities in some Intel® oneAPI Toolkits may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-25987 Description: Improper handling of Unicode encoding in source...
Intel OneApi Toolkits code issue vulnerability
Intel OneApi Toolkits is a set of core tools and libraries from Intel Corporation in the United States for developing high-performance, data-centric applications across different architectures. A security vulnerability exists in Intel oneAPI Deep Neural Network (oneDNN) versions prior to 2022.1, which stem...
SUSE CVE-2022-32190
JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath("https://go.dev", "../go") returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are removed from the result...
CVE-2022-32190
JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath("https://go.dev", "../go") returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are removed from the result...