Zoho ManageEngine O365 Manager Plus Remote Code Execution Vulnerability

A security vulnerability exists in Zoho ManageEngine O365 Manager Plus, a software for auditing, monitoring and managing Office 365 from ZOHO, Inc. prior to Build 4416, which stems from an external input data during the construction of a code segment, and the network system or product fails to...

Adobe Acrobat Reader information leakage vulnerability

Adobe Acrobat is a set of PDF file editing and conversion tools from the U.S. Adobe Acrobat Reader DC ActiveX space is vulnerable to information disclosure, which stems from errors in the configuration of the network system or product during operation. An unauthenticated attacker could exploit th...

PeerTube Access Control Error Vulnerability (CNVD-2022-18322)

PeerTube is a decentralized video sharing service platform. Used to produce video projects, PeerTube suffers from an access control error vulnerability that stems from a network system or product that does not properly restrict access to resources from unauthorized roles, which could be exploited...

Google Android elevation of privilege vulnerability (CNVD-2022-15193)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Pixel Display/graphics in Google Android, which arises from a configuration or other error in the operation of a networked system or product. An attacker could exploit the vulnerability to...

Google Android elevation of privilege vulnerability (CNVD-2022-15194)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Pixel Display/graphics in Google Android, which arises from a configuration or other error in the operation of a networked system or product. An attacker could exploit the vulnerability to...

Google Android Information Disclosure Vulnerability (CNVD-2022-05475)

Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that stems from a configuration error in the network system or product during operation. An attacker could use the vulnerability to obtain sensiti...

Google Android logic flaw vulnerability

Google Android is a Linux-based open source operating system from Google, Inc. A security vulnerability exists in Google Android, which stems from a configuration error in the network system or product during operation. An attacker could exploit the vulnerability to cause a local privilege...

Google Android Code Execution Vulnerability (CNVD-2022-06898)

Google Android is a Linux-based open source operating system from Google, Inc. A security vulnerability exists in Google Android, which stems from a configuration error in the network system or product during operation. An attacker could exploit the vulnerability to cause a local privilege...

Microsoft Windows 代码注入漏洞

Microsoft Windows is a suite of operating systems for personal device use from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Windows Modern Execution Server, which arises from a network system or product not properly filtering specific elements of externally input...

Google Android Information Disclosure Vulnerability (CNVD-2022-05479)

Google Android is a Linux-based open-source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that stems from a configuration error in the network system or product during operation. An attacker could use the vulnerability to obtain sensiti...

Google Android Input Validation Error Vulnerability (CNVD-2022-06151)

Google Android is a Linux-based open source operating system from Google, Inc. Google Android 11 is vulnerable to an input validation error, which stems from a network system or product that does not properly validate input data. No details of the vulnerability are currently available...

bookstack Access Control Error Vulnerability (CNVD-2022-03208)

BookStack is the BookStackApp team's set of open source platform for building wiki documents using PHP and Laravel. bookstack suffers from an access control error vulnerability that stems from a network system or product that does not properly restrict access to resources from unauthorized roles...

ToTolink Ex200 Command Injection Vulnerability

ToTolink Ex200 is a 2.4G wireless N-range extender from ToTolink China. It is designed to extend the coverage of existing Wi-Fi networks and eliminate "blind spots". The ToTolink Ex200 suffers from a command injection vulnerability, which arises from the failure of a network system or product to...

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. A security vulnerability exists in Google Android, which stems from a configuration error in the network system or product during operation. An attacker could exploit the vulnerability to cause a local privilege...

Huawei HarmonyOS Exception Logging Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based distributed operating system. A security vulnerability exists in Huawei HarmonyOS, which stems from configuration and other errors in the network system or product during operation. An...

Huawei HarmonyOS Licensing Issue Vulnerability (CNVD-2022-20310)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based, distributed operating system. Huawei HarmonyOS has a security vulnerability that originates from improper design or implementation during code development of a network system or product. An...

Dell EMC Unity Command Injection Vulnerability

Dell EMC Unity is a unified storage array product from Dell DELL USA. Dell EMC Unity suffers from a command injection vulnerability that originates from a network system or product that does not properly validate incoming data. An attacker could exploit the vulnerability to run crafted commands a...

Apache Apisix Licensing Issue Vulnerability

Apache Apisix is a cloud-native microservices API gateway service from the Apache Foundation in the United States. The software is based on OpenResty and etcd for dynamic routing and plug-in hot-loading, and is suitable for API management in microservice systems. an authorization issue...

Huawei HarmonyOS Input Validation Error Vulnerability (CNVD-2022-01676)

Huawei HarmonyOS is an operating system from Huawei China Inc. A vulnerability exists in the Huawei HarmonyOS component due to an input validation error. The vulnerability stems from a network system or product that does not properly validate input data, and can be exploited by an attacker to...

emlog Remote Code Execution Vulnerability (CNVD-2021-101689)

Emlog is a PHP and MySQL-based CMS builder from the Emlog personal developer. Emlog in version 5.3.1 contains a remote code execution vulnerability that stems from the failure of a network system or product to properly filter special elements in the process of constructing code segments from...