ClassCMS 代码问题漏洞

ClassCMS is a simple, flexible, secure and easy-to-expand content management system in China. A security vulnerability exists in ClassCMS version 3.5, which originates from an arbitrary file upload in the file management functional module...

PT-2022-27804 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: Application management module affected versions not specified Description: The issue is related to a vulnerability in permission verification within the application management module. This vulnerability can be exploited to cause an unexpected...

CVE-2022-46312

The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications...

ZOHO ManageEngine Mobile Device Manager Plus 安全漏洞

ZOHO ManageEngine Mobile Device Manager Plus is an enterprise mobile device management MDM software from ZOHO, Inc. It can be used to manage and protect Apple, Android, Windows and Chrome OS devices. A security vulnerability exists in ZOHO ManageEngine Mobile Device Manager Plus versions prior to...

CVE-2021-46852

The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A denial of service vulnerability exists in the Huawei HarmonyOS DDMP/ODMF module, which can be exploited by attackers to cause a denial of service...

Huawei HarmonyOS 访问控制错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a logical bypass vulnerability in its memory management module resulting in compromised...

CVE-2022-42234

There is a file inclusion vulnerability in the template management module in UCMS 1.6...

UCMS 安全漏洞

UCMS is a content management system written in PHP. A security vulnerability exists in UCMS version 1.6, which stems from a file inclusion in the template management module...

Security Bulletin: IBM Smart Analytics System 5600 clients affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)

Abstract These vulnerabilities are only applicable to Java deployments where untrusted code may be executed e.g. Java applets running in a web browser. Content VULNERABILITY DETAILS CVE IDs: CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823 DESCRIPTION: The IBM Smart Analytics System 560...

PT-2022-22467 · Feehicms · Feehicms

Name of the Vulnerable Software and Affected Versions: Feehi CMS version 2.1.1 Description: An arbitrary file upload vulnerability in the Advertising Management module allows attackers to execute arbitrary code via a crafted PHP file. Recommendations: For Feehi CMS version 2.1.1, consider disabli...

RuoYi 4.7.3 vulnerable to arbitrary file upload in background management module

An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file...

GHSA-6W2F-6WQ3-RJVF RuoYi 4.7.3 vulnerable to arbitrary file upload in background management module

An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file...

CVE-2022-32065

An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file...

RuoYi 跨站脚本漏洞

RuoYi is a backend management system for individual developers of China RuoYi RuoYi. A security vulnerability exists in RuoYi v4.7.3 and below, which stems from an arbitrary file upload vulnerability in the backend management module that allows an attacker to execute arbitrary code via a speciall...

CVE-2021-3897

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

CVE-2021-3849

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

CVE-2021-3897

CVE-2021-3897 describes an authentication bypass in internal services of Lenovo’s Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware, with SMM2 reportedly not affected. Multiple connected sources confirm the vulnerability could allow an unauthenticated attacker...

PT-2022-10823 · Lenovo · Lenovo System Management Module +1

Name of the Vulnerable Software and Affected Versions: Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware affected versions not specified SMM2 is not affected. Description: An authentication bypass issue was discovered in an internal service of the Lenovo Fan Power...

PT-2022-10733 · Lenovo · Lenovo System Management Module +1

Name of the Vulnerable Software and Affected Versions: Lenovo Fan Power Controller2 FPC2 affected versions not specified Lenovo System Management Module SMM affected versions not specified Description: An authentication bypass issue was found in the web interface of the Lenovo Fan Power Controlle...