Arbitrary File Deletion Vulnerability in HongCMS (CNVD-2021-47696)

HongCMS is a lightweight website system. HongCMS suffers from an arbitrary file deletion vulnerability that can be exploited by an attacker to delete arbitrary files...

Unauthorized Access Vulnerability in WV-SW395 at Panasonic (China) Co.

Panasonic China Co., Ltd. is mainly responsible for carrying out sales and after-sales service activities for home appliances, systems, environments, components and other goods. An unauthorized access vulnerability exists in WV-SW395 of Panasonic China Co. Ltd. that can be exploited by attackers ...

Huawei USG9500 资源管理错误漏洞

Huawei USG9500 is a firewall appliance for large-scale environments from China's Huawei. The device provides up to T-class processing performance and 99.999\% reliability, and integrates multiple security features such as NAT, VPN, IPS, virtualization, and service awareness to help enterprises...

Dell EMC NetWorker 日志信息泄露漏洞

DELL EMC NetWorker is a suite of unified backup and recovery software from Dell DELL USA. The software provides backup and recovery, deduplication elimination, backup reporting, and other features. Dell EMC NetWorker has a security vulnerability that can be exploited by an attacker to exploit...

Microsoft SharePoint 安全漏洞

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...

CVE-2021-22331

There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product...

QEMU 缓冲区错误漏洞

QEMU is a suite of analog processor software from the French individual developer Fabrice Bellard. The software is fast and cross-platform. QEMU suffers from a buffer overflow vulnerability that stems from a heap buffer overflow found in the floppy disk emulator, which can be exploited by an...

Razer Synapse 3 安全漏洞

Razer Synapse 3 is an application from Razer USA, Inc. cloud-based unified hardware configuration tool. A security vulnerability exists in Razer Synapse 3, which can be exploited by an attacker to create files in unintended directories with some limitations...

Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is a mail server and calendar server developed by Microsoft. A remote code execution vulnerability exists in Microsoft Exchange Server, which can be exploited by an attacker to achieve remote code execution...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to disable anti-virus protection...

CVE-2020-35308

CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability which can be exploited by attackers to execute malicious code...

Logic Flaw Vulnerability in Fast Platoon CMS

Fast Row CMS is open source and free PHP enterprise website production, construction, development and optimization of SEO management system. Fast Platoon CMS has a logic flaw vulnerability that can be exploited by attackers to obtain sensitive information...

Microsoft SharePoint 安全漏洞

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

SQL injection vulnerability exists in yycms (CNVD-2021-21570)

yycms is a movie and TV building system. yycms has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

Logic Flaw Vulnerability in Extreme Classroom Management System Deluxe Edition

Polaris Electronic Classroom Management System is a teaching system. A logic flaw vulnerability exists in the Deluxe Edition of the Polaris Electronic Classroom Management System, which can be exploited by attackers to execute elevated privilege system commands...

DLL Hijacking Vulnerability in iTools 3.0

iTools 3.0 is a multifunctional management tool for Apple devices. A DLL hijacking vulnerability exists in iTools 3.0, which can be exploited by attackers to gain control of the server...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause arbitrary code execution...

Denial of Service Vulnerability in TP-LINK TL-WR740N

TP-LINK TL-WR740N adopts advanced 11N wireless technology, the wireless transmission rate is up to 150Mbps, to meet more wireless client access, and at the same time to avoid data congestion, reduce network delay, voice video, online VOD, online games more smoothly. TP-LINK TL-WR740N has a...

Binary vulnerability in jerryscript (CNVD-2020-72373)

JerryScript is a lightweight JavaScript engine that runs on restricted devices. A binary vulnerability exists in jerryscript, which can be exploited by attackers to compromise usability...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA. Google Android information disclosure vulnerability can be exploited by attackers to obtain sensitive information...