Command Execution Vulnerability in Business Integrated Management Platform of Puyuan Information Technology Company Limited (CNVD-2024-24191)

Puyuan Information Technology Co., Ltd. is a professional provider of software infrastructure platform products and solutions. A command execution vulnerability exists in the Business Integrated Management Platform of Puyuan Information Technology Co., Ltd. that can be exploited by an attacker to...

Command Execution Vulnerability in RG-UAC Ruijie Unified Internet Behavior Management and Audit System of Beijing StarNet Ruijie Network Technology Co.

RG-UAC Ruijie Unified Internet Behavior Management and Auditing System is an Internet behavior management and auditing product. A command execution vulnerability exists in the RG-UAC Ruijie Unified Internet Behavior Management and Audit System of Beijing StarNet Ruijie Network Technology Co. Ltd,...

Command Execution Vulnerability in UFIDA NC

UFIDA Network Technology Co., Ltd. is a company whose business scope includes the technical development, technical consulting and technology transfer of electronic computer software, hardware and external equipment. A command execution vulnerability exists in UFIDA NC, which can be exploited by a...

Command Execution Vulnerability in RG-UAC Ruijie Unified Internet Behavior Management and Audit System of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2024-19347)

Beijing StarNet Ruijie Network Technology Co., Ltd. is an enterprise mainly engaged in software and information technology service industry. A command execution vulnerability exists in the RG-UAC Ruijie Unified Internet Behavior Management and Audit System of Beijing StarNet Ruijie Network...

CVE-2024-27102 Improper isolation of server file access in github.com/pterodactyl/wings

Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but reading files outside o...

CVE-2024-27102 Improper isolation of server file access in github.com/pterodactyl/wings

Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but reading files outside o...

CVE-2024-27102

CVE-2024-27102 affects Wings (github.com/pterodactyl/wings). It is an improper isolation of server file access vulnerability that enables reading files outside the server’s base directory when an attacker has an existing server controlled by Wings. The public documentation confirms the impact and...

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed and vulnerability in SQL Server. The vulnerability is located in the Django backend and allows a malicious party to be able to use the client application of the victim to execute an SQL injection and thus execute arbitrary code execute arbitrary code with the victim's privileg...

Command Execution Vulnerability in DAS Green Alliance Database Auditing System of Beijing Shenzhou Green Alliance Technology Co.

Beijing Shenzhou Green Alliance Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application services. A command execution vulnerability exists in the DAS Green Alliance database auditing system of Beijing Shenzhou Green Alliance Technology Co. Ltd, whi...

File upload vulnerability in web-based network management system of Xinhua San Technologies Co.(CNVD-2024-18761)

Xinhua San Technology Co., Ltd. is a company that mainly provides research, development, production, sales and service of IT infrastructure products and solutions. A file upload vulnerability exists in the web-based network management system of Xinhua San Technologies Limited, which can be...

Deserialization Vulnerability in Isthmus Electronic Document Security Management System (CNVD-2024-17662)

Beijing Yisetong Technology Development Co., Ltd. is a leading provider of data security business and network security business at home and abroad. A deserialization vulnerability exists in Yisetong's electronic document security management system, which can be exploited by an attacker to gain...

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-14992)

Beijing Yisetong Technology Development Co., Ltd. is a domestic data security, network security and security services provider of three major business. A command execution vulnerability exists in the electronic document security management system of Beijing Yisetong Technology Development Co., Lt...

CVE-2023-32330 IBM Security Verify Access man in the middle

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977...

Command Execution Vulnerability in EG3210 of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2024-11054)

The EG3210 is a multi-service security gateway. A command execution vulnerability exists in the EG3210, which can be exploited by an attacker to gain control of a server...

Command Execution Vulnerability in EG3210 of Beijing StarNet Ruijie Network Technology Co.

The EG3210 is a router product from Beijing StarNet Ruijie Network Technology Co. A command execution vulnerability exists in the Beijing StarNet Ruijie Network Technology Co., Ltd EG3210, which can be exploited by an attacker to gain control of a server...

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-06018)

Beijing Yisaitong Science and Technology Development Limited Liability Company is a company whose business scope includes general items: technical services, technology development, technology consulting, technology exchanges, technology transfer and so on. There is a command execution vulnerabili...

PT-2023-9626 · Oracle +4 · Mysql Server +3

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.37 and prior MySQL Server versions 8.4.0 and prior Description: The issue is related to insufficient input validation in the InnoDB component of Oracle MySQL Server. This can be exploited by a remote attacker to caus...

Command Execution Vulnerability in EG2000GE of Beijing StarNet Ruijie Network Technology Co.

Beijing StarNet Ruijie Network Technology Co., Ltd EG2000GE is a router product. A command execution vulnerability exists in the Beijing StarNet Ruijie Network Technology Co., Ltd EG2000GE, which can be exploited by an attacker to gain control of the server...

Remote Code Execution (RCE)

moodle/moodle is vulnerable to Remote Code Execution RCE. A local file inclusion vulnerability allows an attacker to include arbitrary files on a vulnerable Moodle server by exploiting a flaw in the way that Moodle handles file paths, which could allow the attacker to take complete control of the...

IBM WebSphere Application Server Liberty 代码问题漏洞

IBM WebSphere Application Server Liberty is a Java application server from International Business Machines IBM built on top of the Open Liberty project. A resource management error vulnerability exists in IBM WebSphere Application Server Liberty that stems from improper handling of resources afte...