
3915 matches found

RedhatCVE
added 2025/05/22 5:37 a.m., 4 views

CVE-2019-1325

An elevation of privilege vulnerability exists in the Windows redirected drive buffering system rdbss.sys when the operating system improperly handles specific local calls within Windows 7 for 32-bit systems, aka 'Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability'...

CVSS: 5.5, AI score: 6.8, EPSS: 0.01346
Exploits: 0, References: 1

RedhatCVE
added 2025/05/21 8:23 p.m., 6 views

CVE-2006-3488

Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim...

CVSS: 5, AI score: 7.3, EPSS: 0.01175
Exploits: 0, References: 1

Cvelist
added 2025/05/21 12:13 p.m., 15 views

CVE-2025-48415 Backdoor Functionality via USB Drive in eCharge Hardy Barth cPH2 / cPP2 charging stations

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other...

EPSS: 0.002
Exploits: 1, References: 1

Vulnrichment
added 2025/05/21 12:13 p.m., 5 views

CVE-2025-48415 Backdoor Functionality via USB Drive in eCharge Hardy Barth cPH2 / cPP2 charging stations

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other...

AI score: 7, EPSS: 0.002
Exploits: 1, References: 1

OSV
added 2025/05/15 10:15 p.m., 2 views

CVE-2025-4725

A vulnerability, which was classified as critical, was found in itsourcecode Placement Management System 1.0. This affects an unknown part of the file /viewdrive.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS: 9.8, AI score: 5.7, EPSS: 0.00421
Exploits: 1, References: 5

CNNVD
added 2025/05/15 12:00 a.m., 2 views

itsourcecode Placement Management System injection vulnerability

itsourcecode Placement Management System is an open source placement management system from itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Placement Management System, which originates from a SQL injection due to incorrect manipulation of the parameter ID in the fi...

CVSS: 9.8, AI score: 7.7, EPSS: 0.00421
Exploits: 1, References: 5

CNNVD
added 2025/05/15 12:00 a.m., 4 views

I-O Data HDL-T operating system command injection vulnerability

I-O Data HDL-T is a series of network hard disks from I-O Data Japan. An operating system command injection vulnerability exists in I-O Data HDL-T versions 1.21 and earlier, which stems from OS command injection and could lead to the execution of arbitrary OS commands...

CVSS: 9.8, AI score: 9.5, EPSS: 0.01705
Exploits: 0, References: 2

CNNVD
added 2025/05/15 12:00 a.m., 2 views

itsourcecode Placement Management System injection vulnerability

itsourcecode Placement Management System is an open source placement management system by itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Placement Management System, which originates from a SQL injection due to incorrect manipulation of the parameter ID in the file...

CVSS: 9.8, AI score: 7.7, EPSS: 0.00421
Exploits: 1, References: 5

OpenVAS
added 2025/05/07 12:00 a.m., 3 views

Drive Data Should Be Managed in Partitions

When installing the OS, plan different partitions for OS data and service data based on the scenario. Do not store all data in the same drive or partition. Properly planning drive partitions avoids or reduces the following risks: 1. Log files are too large and use up the space of the service driv...

AI score: 6.9
Exploits: 0, References: 4

OpenVAS
added 2025/05/07 12:00 a.m., 3 views

Configure the SSH Service Log Level Properly

SSH provides multiple log output levels, such as QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. A higher log level such as QUIET or FATAL prints less log information. This saves drive space but hinders administrators from auditing and tracing SSH events. Conversely, a lowe...

AI score: 6.9
Exploits: 0, References: 4

OSV
added 2025/04/28 3:15 p.m., 1 view

CVE-2025-4024

A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /adddrive.php. The manipulation of the argument drivetitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVSS: 9.8, AI score: 5.8
Exploits: 0, References: 5

CNNVD
added 2025/04/28 12:00 a.m., 2 views

itsourcecode Placement Management System injection vulnerability

itsourcecode Placement Management System is an open source placement management system by itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Placement Management System, which originates from a SQL injection due to incorrect manipulation of the parameter drivetitle in...

CVSS: 9.8, AI score: 7.7, EPSS: 0.00415
Exploits: 1, References: 5

CNNVD
added 2025/04/25 12:00 a.m., 4 views

Lenovo Filez cross-site scripting vulnerability

Lenovo Filez is an enterprise web drive from the Chinese company Lenovo. A security vulnerability exists in Lenovo Filez that originates from cross-site scripting and could lead to code execution...

CVSS: 5.1, AI score: 6.6, EPSS: 0.00155
Exploits: 0, References: 3

CNNVD
added 2025/04/25 12:00 a.m., 4 views

Lenovo Filez code issue vulnerability

Lenovo Filez is an enterprise web drive from the Chinese company Lenovo. A security vulnerability exists in Lenovo Filez that stems from improper XML parsing, which could lead to arbitrary file reading...

CVSS: 5.1, AI score: 6.8, EPSS: 0.0012
Exploits: 0, References: 3

OSV
added 2025/04/23 5:16 p.m., 3 views

CVE-2025-2763

CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this...

CVSS: 6.8, AI score: 6.2, EPSS: 0.00173
Exploits: 0, References: 1

Cvelist
added 2025/04/23 4:48 p.m., 12 views

CVE-2025-2763 CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability

CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this...

CVSS: 6.8, EPSS: 0.00173
Exploits: 0, References: 1

Citrix
added 2025/04/17 12:00 a.m., 12 views

Daas II Cloud II Unable to launch One Drive automatically within VDI using SSO

One Drive is not auto launching within VDI using Single Sign On...

AI score: 7.2
Exploits: 0

Amazon
added 2025/04/16 12:00 a.m., 3 views

Important: git

Issue Overview: A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwri...

CVSS: 9.8, AI score: 8.3, EPSS: 0.34007
Exploits: 1

RedhatCVE
added 2025/04/10 5:50 p.m., 16 views

CVE-2025-26688

Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

CVSS: 7.8, AI score: 7.1, EPSS: 0.00504
Exploits: 0, References: 3

NVD
added 2025/04/08 6:15 p.m., 12 views

CVE-2025-26688

Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

CVSS: 7.8, EPSS: 0.00504
Exploits: 0, References: 1