11 matches found
CVE-2026-13104
Technical details for CVE-2026-13104 are not publicly available in the provided documents. Monitor for updates from Lenovo and security advisories; current entries only note a local authenticated arbitrary-code risk with elevated privileges.
CVE-2026-13103
Lenovo App Store (Chinese market) contains a path traversal vulnerability allowing a local authenticated user to execute arbitrary code. The issue affects the package/component handling file paths, with impact on confidentiality, integrity, and availability reported as high. CVSS: from the report...
EUVD-2026-44975
A potential insecure permissions vulnerability was reported in Legion Zone and the Lenovo App Store Windows applications, distributed exclusively in the Chinese market, that when installed on a non‑system partition, could allow a local user to execute arbitrary code...
CVE-2026-7516
A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents...
EUVD-2026-36046
A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents...
CVE-2026-7516
A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents...
wangmarket 代码问题漏洞
wangmarket is a privatized deployment of your own SAAS cloud builder system for xnx3 individual developers in China. A code issue vulnerability exists in wangmarket 6.4 and earlier versions, which stems from the incorrect operation of the parameter image in the file /sits/uploadImage.do, which...
EUVD-2023-32449
Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China's domestic market only, with no overse...
In Search of Lost Data: a Study of Flash Sanitization Practices
To avoid the disclosure of personal or corporate data, sanitization of storage devices is an important issue when such devices are to be reused. While poor sanitization practices have been reported for second-hand hard disk drives, it has been reported that data has been found on original storage...
Arbitrary File Read Vulnerability in MyCnCart of Qingdao All-in-One Network Technology Co.
MyCnCart MCC for short is a free, open source B2C, B2B e-commerce platform system developed for the Chinese mainland market. MyCnCart has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...
china-market.co.kr XSS vulnerability
Open Bug Bounty ID: OBB-559119 Description| Value ---|--- Affected Website:| china-market.co.kr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...