CVE-2021-22331

There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product...

QEMU 缓冲区错误漏洞

QEMU is a suite of analog processor software from the French individual developer Fabrice Bellard. The software is fast and cross-platform. QEMU suffers from a buffer overflow vulnerability that stems from a heap buffer overflow found in the floppy disk emulator, which can be exploited by an...

Razer Synapse 3 安全漏洞

Razer Synapse 3 is an application from Razer USA, Inc. cloud-based unified hardware configuration tool. A security vulnerability exists in Razer Synapse 3, which can be exploited by an attacker to create files in unintended directories with some limitations...

Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is a mail server and calendar server developed by Microsoft. A remote code execution vulnerability exists in Microsoft Exchange Server, which can be exploited by an attacker to achieve remote code execution...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to disable anti-virus protection...

CVE-2020-35308

CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability which can be exploited by attackers to execute malicious code...

Logic Flaw Vulnerability in Fast Platoon CMS

Fast Row CMS is open source and free PHP enterprise website production, construction, development and optimization of SEO management system. Fast Platoon CMS has a logic flaw vulnerability that can be exploited by attackers to obtain sensitive information...

Microsoft SharePoint 安全漏洞

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

SQL injection vulnerability exists in yycms (CNVD-2021-21570)

yycms is a movie and TV building system. yycms has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

Logic Flaw Vulnerability in Extreme Classroom Management System Deluxe Edition

Polaris Electronic Classroom Management System is a teaching system. A logic flaw vulnerability exists in the Deluxe Edition of the Polaris Electronic Classroom Management System, which can be exploited by attackers to execute elevated privilege system commands...

DLL Hijacking Vulnerability in iTools 3.0

iTools 3.0 is a multifunctional management tool for Apple devices. A DLL hijacking vulnerability exists in iTools 3.0, which can be exploited by attackers to gain control of the server...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause arbitrary code execution...

Denial of Service Vulnerability in TP-LINK TL-WR740N

TP-LINK TL-WR740N adopts advanced 11N wireless technology, the wireless transmission rate is up to 150Mbps, to meet more wireless client access, and at the same time to avoid data congestion, reduce network delay, voice video, online VOD, online games more smoothly. TP-LINK TL-WR740N has a...

Binary vulnerability in jerryscript (CNVD-2020-72373)

JerryScript is a lightweight JavaScript engine that runs on restricted devices. A binary vulnerability exists in jerryscript, which can be exploited by attackers to compromise usability...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA. Google Android information disclosure vulnerability can be exploited by attackers to obtain sensitive information...

Shijiazhuang Renaud Network Technology Co., Ltd. website building system has a denial of service vulnerability

Shijiazhuang Renaud Network Technology Co., Ltd. was founded in 2008, 12 years focusing on the application of Internet and information technology to help China's economic transformation and upgrading. Shijiazhuang Renaud Network Technology Co., Ltd. station building system there is a denial of...

BaoBao App has a flawed logic vulnerability

BaoBao APP is an insurance knowledge exchange platform. A logic flaw vulnerability exists in Paobao APP, which can be exploited by attackers to obtain sensitive information about the application...

The vulnerability of the command-line interface (CLI) of the programmatically defined Cisco SD-WAN network allows a attacker to increase their privileges.

The vulnerability of the command-line interface CLI of Cisco SD-WAN software-defined networks is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

Information Disclosure Vulnerability in DIR-822 AC 1200M Wireless Router

The business scope of AUO Electronic Equipment Shanghai Co., Ltd. includes the wholesale of network equipment not involving value-added telecommunication business, computer software and hardware, electronic security products, and other electronic products. An information disclosure vulnerability...

Command Execution Vulnerability in Wukong CRM

Zhengzhou Kakarot Software Technology Co., Ltd. is a science and technology-oriented enterprise co-founded by overseas returned students and well-known listed companies, software engineers. Wukong CRM has a command execution vulnerability that can be exploited by attackers to gain server privileg...