88 matches found
CVE-2025-46587
CVE-2025-46587 pertains to Huawei HarmonyOS: a permission-control issue in the Media Library module that could affect service confidentiality. The root cause is improper privilege control within the Media Library; exploitation is described as local with low complexity, and no explicit patch versi...
CVE-2025-46587
Permission control vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2025-19868 · Huawei · Harmonyos
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns insufficient information protection in the media library module. Successful exploitation of this vulnerability may affect service confidentiality. Recommendations: At the...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from an information disclosure vulnerability that stems from insufficient protection of information in the media library module, which affects service confidentiality. No details of the vulnerability...
PT-2025-15982 · Maxkb · Maxkb
Name of the Vulnerable Software and Affected Versions: MaxKB versions prior to 1.10.4-lts Description: A reverse shell vulnerability exists in the module of the function library, allowing privileged users to create a reverse shell. This issue is related to the function library module...
MaxKB 代码注入漏洞
MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. MaxKB suffers from a code injection vulnerability that stems from a reverse shell vulnerability in the function library module that allows a privileged user to create a...
CVE-2025-28091
maccms10 v2025.1000.4047 has a Server-Side Request Forgery SSRF vulnerability via Add Article...
Huawei HarmonyOS media library module privilege checksum vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checking vulnerability exists in the Huawei HarmonyOS media library module, which can be exploited by an attacker to compromise confidentiality...
Huawei HarmonyOS media library module privilege checksum vulnerability (CNVD-2025-07255)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checking vulnerability exists in the Huawei HarmonyOS media library module, which can be exploited by an attacker to compromise confidentiality...
CVE-2024-58049
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2024-58047
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2024-58049
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2024-57954
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2024-57954
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2025-5812 · Unknown · Media Library Module
Name of the Vulnerable Software and Affected Versions: Media library module affected versions not specified Description: The issue concerns a permission verification vulnerability in the media library module. Successful exploitation of this vulnerability may affect service confidentiality. There ...
MaxKB 安全漏洞
MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A security vulnerability exists in MaxKB versions prior to 1.9.0, which stems from a remote command execution in the function library module that allows a privileged us...
CVE-2023-47832
Missing Authorization vulnerability in searchiq SearchIQ allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through 4.4...
CVE-2024-32990
Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-28418
Webedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/wecmd.php...
CVE-2024-28683
DedeCMS v5.7 was discovered to contain a cross-site scripting XSS vulnerability via create file...