Lucene search
+L

252 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:3 a.m.6 views

CVE-2024-5241

A vulnerability was found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to 20240520. It has been classified as critical. Affected is an unknown function of the file /manager/ipconfignew.php. The manipulation of the argument dev leads to os command injection. It is possible to...

5.8CVSS7.6AI score0.01855EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:39 a.m.6 views

CVE-2024-31032

An issue in Huashi Private Cloud CDN Live Streaming Acceleration Server hgateway-sixport v.1.1.2 allows a remote attacker to execute arbitrary code via the manager/ipping.php component...

9.8CVSS9.6AI score0.01146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/21 2:31 p.m.15 views

CVE-2025-5029 Kingdee Cloud Galaxy Private Cloud BBC System File deleteFileAction.jhtml path traversal

A vulnerability has been found in Kingdee Cloud Galaxy Private Cloud BBC System up to 9.0 Patch April 2025 and classified as critical. Affected by this vulnerability is the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file fileUpload/deleteFileAction.jhtml of the...

5.5CVSS6.8AI score0.00417EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/05/21 2:31 p.m.25 views

CVE-2025-5029 Kingdee Cloud Galaxy Private Cloud BBC System File deleteFileAction.jhtml path traversal

A vulnerability has been found in Kingdee Cloud Galaxy Private Cloud BBC System up to 9.0 Patch April 2025 and classified as critical. Affected by this vulnerability is the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file fileUpload/deleteFileAction.jhtml of the...

5.5CVSS0.00417EPSS
Exploits0References6
CVE
CVE
added 2025/05/21 2:31 p.m.62 views

CVE-2025-5029

Kingdee Cloud Galaxy Private Cloud BBC System (versions up to 9.0 Patch April 2025) contains a path traversal vulnerability in File Handler: BaseServiceFactory.getFileUploadService.deleteFileAction (fileUpload/deleteFileAction.jhtml) caused by unvalidated filePath input. Remotely exploitable; exp...

5.5CVSS5.4AI score0.00417EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/05/21 12:0 a.m.4 views

Kingdee Cloud Galaxy Private Cloud BBC System 路径遍历漏洞

Kingdee Cloud Galaxy Private Cloud BBC System is an all-inclusive cloud ERP system from China's Kingdee Kingdee. A path traversal vulnerability exists in Kingdee Cloud Galaxy Private Cloud BBC System versions V6.2 to V9.0, which stems from improper operation of the filePath parameter in the...

5.5CVSS5.5AI score0.00417EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.4 views

SAP S/4HANA Cloud Private 代码注入漏洞

SAP S/4HANA Cloud Private is a private cloud-deployed, enterprise-grade, intelligent ERP suite based on in-memory computing architecture from SAP, Germany. A code injection vulnerability exists in SAP S/4HANA Cloud Private, which stems from a lack of input validation and authorization checking an...

8.3CVSS7.1AI score0.00414EPSS
Exploits0References2
NCSC
NCSC
added 2025/04/30 1:12 p.m.11 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP Financial Consolidation, SAP Landscape Transformation, SAP NetWeaver Application Server ABAP, SAP Commerce Cloud, SAP ERP BW, SAP BusinessObjects Business Intelligence Platform, SAP KMC WPC, SAP Solution Manager, SAP S4CORE, and SAP...

10CVSS9.2AI score0.99406EPSS
Exploits31References4
RedHat Linux
RedHat Linux
added 2025/04/22 2:51 p.m.71 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.10 security and extras update

Red Hat OpenShift Container Platform release 4.18.10 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

8.8CVSS7.1AI score0.00476EPSS
Exploits0References3
Akamai Blog
Akamai Blog
added 2025/04/15 10:20 a.m.7 views

Private Networking in Distributed Compute Regions with VPC

...

5.3AI score
Exploits0
Snyk
Snyk
added 2025/04/14 9:30 a.m.2 views

Incorrect Authorization

Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Incorrect Authorization in that a user with the "Edit Other Users" permission set, but not broader high-level permissions, can modify the properti...

5.1CVSS6.8AI score0.00232EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/10 6:32 p.m.3 views

Incorrect Authorization

Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Incorrect Authorization through the /api/v4/audits endpoint. An attacker can retrieve User Activity Logs by exploiting insufficient access control...

5.1CVSS6.9AI score0.00278EPSS
Exploits0References2
CISA
CISA
added 2025/04/10 12:0 p.m.8 views

CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems ICS advisories on April 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-100-01 Siemens License Server ICSA-25-100-02 Siemens SIDIS Prime ICSA-25-100-03 Siemens...

7AI score
Exploits0References10
NCSC
NCSC
added 2025/04/08 1:57 p.m.13 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Industrial Edge Devices, Mendix, SENTRON, SIDIS, SIMATIC, SIPLUS,Insights Hub Private Cloud, Siemens License Server and Solid Edge. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the...

10CVSS7.6AI score0.99098EPSS
Exploits25References9
ICS
ICS
added 2025/04/08 12:0 a.m.16 views

Siemens Insights Hub Private Cloud

SUMMARY Insights Hub Private Cloud is affected by multiple vulnerabilities in Ingress NGINX Controller for Kubernetes. These vulnerabilities could lead to arbitrary code execution in the context of the ingress-nginx controller, or disclosure of Secrets accessible to the controller, or denial of...

8.7AI score
Exploits0References10
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.6 views

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid, and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations that stems from a local elevation of privilege...

7.8CVSS6.3AI score0.00151EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/02/25 4:38 a.m.26 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.1 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

9.8CVSS7AI score0.01279EPSS
Exploits0References1066
RedhatCVE
RedhatCVE
added 2025/02/05 9:15 p.m.9 views

CVE-2022-2664

A vulnerability classified as critical has been found in Private Cloud Management Platform. Affected is an unknown function of the file /management/api/rcxmanagement/globalconfigquery of the component POST Request Handler. The manipulation leads to improper authentication. It is possible to launc...

9.8CVSS7AI score0.0059EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.5 views

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid, and multi-cloud environments from VMware. A security vulnerability exists in VMware Aria Operations. An attacker could exploit the vulnerability to retrieve plug-in credentials...

7.7CVSS9.1AI score0.00539EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/28 3:16 p.m.17 views

CVE-2025-0659 Path Traversal and Rockwell Automation Third-party Vulnerability in DataMosaix™ Private Cloud

A path traversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud. By specifying the character sequence in the body of the vulnerable endpoint, it is possible to overwrite files outside of the intended directory. A threat actor with admin privileges could...

7CVSS0.00376EPSS
Exploits0References1
Rows per page
Query Builder