Mingyuan Cloud - Command Execution Vulnerability in Data Center

Shenzhen Mingyuan Cloud Technology Co., Ltd hereinafter referred to as: Mingyuan Cloud, is a real estate ecosystem digital service provider. A command execution vulnerability exists in Mingyuan Cloud-Data Center. An attacker can exploit the vulnerability to gain server privileges...

Nexus Series Fabri Access Control Error Vulnerability

Cisco Nexus 9000 Series Fabric Switches is a 9000 series fiber optic switch from Cisco USA. A security vulnerability exists in the Nexus 9000 Series Fabri that can be exploited by an attacker to disable switching on SFP interfaces, which could disrupt the network...

Unauthorized Access Vulnerability in MAS Mobile Proxy Server of China Mobile Communications Ltd.

MAS Mobile Proxy Server is an access tool to assist the original business systems of enterprises to realize wireless applications. An unauthorized access vulnerability exists in the MAS mobile proxy server of China Mobile Communications Corporation, which can be exploited by an attacker to access...

Mailtrain SQL Injection Vulnerability

Mailtrain is an open source hosted newsletter application built on Node.js and MySQL/MariaDB. A SQL injection vulnerability exists in Mailtrain 1.24.1 and earlier in lib/models/campaigns.js in statsClickedSubscribersByColumn. The vulnerability stems from not properly escaping variable column name...

Command Execution Vulnerability in HYBBS V2.3.2 Backend

HYBBS is a lightweight community forum program. A command execution vulnerability exists in the backend of HYBBS V2.3.2. An attacker can exploit this vulnerability to gain server privileges...

Linux kernel io_grab_files() denial of service vulnerability

Linux Kernel is an open source operating system. A security vulnerability exists in Linux kernel iograbfiles, which can be exploited by a local attacker to submit a special request that can crash the system...

Denial of service vulnerability in Intel® 7360 Cell Modem firmware

Intel is an American company that develops CPUs and is the world's largest manufacturer of personal computer parts and CPUs. A denial of service vulnerability exists in the Intel® 7360 Cell Modem firmware, which can be exploited by an attacker to cause a denial of service...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. There are security vulnerabilities in the Linux kernel. An attacker can exploit the vulnerability to cause the kernel to crash...

Microsoft Windows TCP/IP Remote Code Execution Vulnerability

The Microsoft Windows operating system is a set of operating systems developed by Microsoft Corporation in the United States. A remote code execution vulnerability exists in Microsoft Windows TCP/IP, which can be triggered by constructing special IP source routing packets, and an attacker who...

Microsoft SharePoint 代码问题漏洞

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

Unspecified vulnerability in Linux kernel (CNVD-2021-13671)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 5.10.12 and earlier, which can be exploited by a local attacker to trigger via an IO request at some point during devic...

Information Disclosure Vulnerability in Atlassian JIRA Software

JIRA Software is a project and transaction tracking tool from Atlassian that is used in a wide range of work areas such as defect tracking, customer service, requirements gathering, process approvals, task tracking, project tracking and agile management. An information disclosure vulnerability...

Huawei eCNS280 Resource Management Error Vulnerability

Huawei eCNS280 is the core network equipment of Huawei's wireless broadband trunking system. In addition to providing the network functions of a traditional core network, it also virtualizes the functions of network elements and shares standardized hardware resources among multiple network elemen...

Red Hat Undertow Denial of Service Vulnerability

Red Hat Undertow is a U.S. Red Hat Red Hat, a Java-based embedded Web server, is the default Web server Wildfly Java application server. Red Hat Undertow suffers from a denial of service vulnerability that originates from an input validation error to a user, which can be exploited by an attacker ...

Oracle ZFS Storage Appliance Access Control Error Vulnerability

Oracle ZFS Storage Appliance is a storage appliance from Oracle Corporation in the United States that supports flash memory, petabytes of file storage and a built-in Oracle database. A security vulnerability exists in the Oracle ZFS Storage Appliance Kit product. An attacker could exploit the...

SQL Injection Vulnerability in iOffice.net Hospital Edition

The business scope of Guangzhou Hongfan Computer Technology Co., Ltd. includes: computer room maintenance services, information technology consulting services, data processing and storage services, digital animation production, software development and so on. SQL injection vulnerability exists in...

Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerability (CNVD-2021-09935)

Cisco Smart Software Manager Satellite is software designed to provide intelligent management capabilities for licenses. A command injection vulnerability exists in the WEB UI of Cisco Smart Software Manager Satellite 5.1.0 and prior versions. The vulnerability stems from the program not properly...

Arbitrary File Deletion Vulnerability in Zhirui Public Security Information Website System

Zhirui software is a focus on network software development work team, its products voting selection system, enterprise website system, school website system, government website management system, public security public information management system is currently the most widely used website progra...

Cisco Data Center Network Manager SQL Injection Vulnerability (CNVD-2021-09940)

Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A SQL injection vulnerability exists in the REST API endpoint of Cisco Data Center...

Google Chrome File System API Policy Enforcement Deficiency Vulnerability (CNVD-2021-28288)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A File System API Policy Enforcement Insufficiency vulnerability exists in versions of Google Chrome prior to 88.0.4324.96. An attacker can exploit this vulnerabili...