A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit h…

A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The ident…

A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow an attacker to cause a system reboot.

A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow a local attacker to escalate privileges.

A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow a local attacker to escalate privileges.

An authentication bypass vulnerability could allow an attacker to access API functions without authentication.

A command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially crafted API request.

A denial-of-service vulnerability could allow an authenticated user to trigger an internal service restart via a specially crafted API request.

A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges.

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites.