4 matches found
CVE-2026-40436
CVE-2026-40436 affects the ZTE ZXEDM iEMS product. The vulnerability is a password reset flaw that, due to improper access control on the cloud EMS portalʼs user-list interface, allows reading all user information and resetting passwords for obtained accounts. This could enable unauthorized opera...
CVE-2025-43732
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to Insecure Direct Object Reference IDOR in the...
CVE-2025-43732
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to Insecure Direct Object Reference IDOR in the...
SAP NetWeaver AS ABAP and ABAP Platform Information Disclosure Vulnerability (CNVD-2020-48592)
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An information disclosure vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which can be exploite...