Lucene search
+L
ZteZxcloud Goldendb

7 matches found

CVE
CVE
added 2025/04/27 1:34 a.m.126 views

CVE-2025-46579

The CVE-2025-46579 entry concerns ZTE GoldenDB with a DDE injection vulnerability. Attackers can inject DDE expressions via the interface, and when a user downloads and opens the affected file, the DDE commands can be executed. The available sources confirm the existence of this vulnerability and...

8.4CVSS8.6AI score0.00283EPSS
CVE
CVE
added 2025/04/27 1:49 a.m.70 views

CVE-2025-46580

CVE-2025-46580 concerns GoldenDB, a distributed database from ZTE. The connected documents describe a code-related vulnerability that allows attackers to access system tables, leading to disruption of business SQL operations. No specific vulnerable component, software version, or root-cause detai...

7.7CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2025/04/27 1:30 a.m.68 views

CVE-2025-46578

CVE-2025-46578 concerns SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information. The connected documents consistently describe GoldenDB’s SQL injection risk but do n...

7.5CVSS7.3AI score0.00317EPSS
CVE
CVE
added 2025/04/27 1:12 a.m.67 views

CVE-2025-46575

Technical details about CVE-2025-46575 are not publicly available in the provided connected documents. Monitor for updates from official advisories for affected products, fixes, and exploit information.

7.5CVSS4.9AI score0.00335EPSS
CVE
CVE
added 2025/04/27 1:21 a.m.67 views

CVE-2025-46577

GoldenDB (ZTE) is affected by a SQL injection vulnerability where the application does not validate externally supplied SQL statements, enabling an attacker to execute arbitrary SQL and potentially exfiltrate data. Affected component: GoldenDB database product; root cause: lack of input validatio...

7.5CVSS6.8AI score0.00317EPSS
CVE
CVE
added 2025/04/27 1:16 a.m.66 views

CVE-2025-46576

The CVE-2025-46576 entry concerns ZTE GoldenDB, a financial-grade transactional distributed database. Affected component: the permission management and access control mechanism. Root cause: improper privilege management allows an attacker to manipulate requests to bypass privilege restrictions an...

6.5CVSS5.5AI score0.00255EPSS
CVE
CVE
added 2025/04/27 1:7 a.m.61 views

CVE-2025-46574

CVE-2025-46574 involves the GoldenDB database product from ZTE, where an input validation vulnerability can lead to information disclosure. The connected sources consistently describe that attackers may cause the system to reveal sensitive data by exploiting how invalid inputs are handled, specif...

5.3CVSS4.2AI score0.0021EPSS