CVE-2020-24159

NetEase Youdao Dictionary has a DLL hijacking vulnerability, which can be exploited by attackers to gain server permissions. This affects Guangzhou NetEase Youdao Dictionary 8.9.2.0...

EUVD-2020-16895

Malware in sbrugna...

EUVD-2020-16897

Malware in sbrugna...

EUVD-2025-1637

Malicious code in bioql PyPI...

EUVD-2024-53458

Malicious code in bioql PyPI...

EUVD-2024-50792

Malicious code in bioql PyPI...

Guangzhou Red Sea Cloud Computing Company Limited Red Sea Cloud eHr Exists Information Leakage Vulnerability

Redhaven eHR is a digital human resource management solution launched by Redhaven, focusing on providing state-owned enterprises and large-scale enterprises with systematic and precise services for optimizing salary distribution and incentive system. Guangzhou Red Sea Cloud Computing Co. Red Sea...

CVE-2025-0392

A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagridGraph of the file /graphReportController.do. The manipulation of the argument storecode leads to sql injection. It is possible to launch t...

CVE-2024-0305

A vulnerability was found in Guangzhou Yingke Electronic Technology Ncast up to 2017 and classified as problematic. Affected by this issue is some unknown functionality of the file /manage/IPSetup.php of the component Guest Login. The manipulation leads to information disclosure. The attack may b...

CVE-2024-10947

A vulnerability classified as critical was found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This vulnerability affects unknown code of the file /interlib/order/BatchOrder?cmdACT=adminorder=adminOrderOrderList.xsl. The...

CVE-2024-33435

Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi high-definition intelligent recording and playback system 2007-2017 allows a remote attacker to execute arbitrary code via the /manage/IPSetup.php backend function...

CVE-2020-8958

Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...

CVE-2024-57490

Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw...

CVE-2024-57490

Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw...

CVE-2024-57490

Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw...

CVE-2024-57490

CVE-2024-57490 affects Guangzhou Hongfan Technology Co., LTD. iOffice20. The issue is a logic flaw that permits an attacker to log in as any user, including the administrator, effectively bypassing authentication. The vulnerability is tracked across multiple feeds (NVD, Red Hat, CNNVD, CVE List, ...

CVE-2024-57490

Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw...

CVE-2024-56949

An issue in Guangzhou Polar Future Culture Technology Co., Ltd University Search iOS 2.27.0 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2025-0392

A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagridGraph of the file /graphReportController.do. The manipulation of the argument storecode leads to sql injection. It is possible to launch t...

CVE-2025-0392

CVE-2025-0392 affects Guangzhou Huayi Intelligent Technology Jeewms. The vulnerability targets the datagridGraph function in /graphReportController.do, where manipulating the store_code parameter results in SQL injection. It is exploitable remotely, and public disclosure is noted. Remediation per...