3 matches found
CVE-2021-4463
CVE-2021-4463 affects Longjing Technology BEMS API versions up to 1.21. The vulnerability exists in the downloads endpoint where the fileName parameter is not properly sanitized, enabling an attacker to perform path traversal and download arbitrary files outside the intended directory without aut...
CVE-2021-4463 Longjing Technology BEMS API <= 1.21 Remote Arbitrary File Download
Longjing Technology BEMS API versions up to and including 1.21 contain an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the...
Longjing BEMS API Security Vulnerability
The Longjing BEMS API is an interface to the Battery Energy Management System (BEMS) from China's Longjing. A security vulnerability exists in Longjing BEMS API version 1.21 and earlier, which stems from an arbitrary file download issue in the downloads endpoint that could result in access to...