10 matches found
CVE-2026-3065 HummerRisk Cloud Task Dry-run CloudTaskService.java CommandUtils.commonExecCmdWithResult command injection
A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results in command injection. Remote exploitation of the...
CVE-2026-3065
A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results in command injection. Remote exploitation of the...
PT-2025-7271 · Weeek · Weeek
Name of the Vulnerable Software and Affected Versions: WEEEK affected versions not specified Description: The issue is related to the lack of protection for the web page structure in the WEEEK task and project management service. This could allow a remote attacker to execute arbitrary JavaScript...
PT-2025-7268 · Weeek · Weeek
Name of the Vulnerable Software and Affected Versions: WEEEK affected versions not specified Description: The issue is related to the lack of protection for the web page structure in the WEEEK task and project management service. This could allow a remote attacker to execute arbitrary JavaScript...
Huawei HarmonyOS Type Check Not Strict Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a type-checking laxity vulnerability, which stems from a type-checking laxity in the background task service module. An attacke...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a type-checking laxity vulnerability, which stems from a type-checking laxity in the background task service module. An attacke...
Arbitrary File Containment Vulnerability in UFIDA Financials
UFIDA Financials is a financial management software. UFIDA Financial System has an arbitrary file inclusion vulnerability. The vulnerability url is: http://target/TaskManager/TaskServiceServlet?m=1&taskname=... /... /WEB-INF/web.xml%00, attackers can use the vulnerability to obtain database...
Lenovo Solution Center 'LSCTaskService' Local Lift Vulnerability
Lenovo Solution Center is a suite of software from the Chinese company Lenovo that helps users quickly identify the state of system health, network connectivity and overall system security. A local elevation of privilege vulnerability exists in Lenovo Solution Center. A local attacker can exploit...
Exploit for eTrust Antivirus Agent r8
No description provided by source. / ---------------------------------------------------------------------- | 48Bits Advisory -=- Privilege Elevation in eTrust Antivirus Agent r8 | ---------------------------------------------------------------------- Affected versions :...
CVE-2007-2523
CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions NULL security descriptor for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before...