Lei Zhang

14 exploits, active since Dec 2015
CVE-2016-1709 WRITEUP HIGH
Google sfntly <2016-06-10 - Buffer Overflow
Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SFNT font.
CVSS 8.8
CVE-2015-6781 WRITEUP
Google Chrome < 46.0.2490.86 - Integer Overflow in FontData::Bound
Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container.
CVE-2025-28400 WRITEUP MEDIUM
RUoYi 4.8.0 - Privilege Escalation via PostID Parameter
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the postID parameter in the edit method
CVSS 6.7
CVE-2025-28402 WRITEUP CRITICAL
RUoYi 4.8.0 - Privilege Escalation via jobId Parameter
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter
CVSS 9.8
CVE-2025-28403 WRITEUP HIGH
RUoYi 4.8.0 - Privilege Escalation via editSave Method
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method, which does not properly validate whether the requesting user has administrative privileges before allowing modifications to system configuration settings
CVSS 7.2
CVE-2025-28405 WRITEUP CRITICAL
RUoYi 4.8.0 - Privilege Escalation via changeStatus Method
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the changeStatus method
CVSS 9.8
CVE-2025-28406 WRITEUP CRITICAL
RUoYi 4.8.0 - Privilege Escalation via jobLogId Parameter
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobLogId parameter
CVSS 9.8
CVE-2025-28407 WRITEUP HIGH
RUoYi 4.8.0 - Privilege Escalation via Unvalidated DictId Edit Endpoint
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of the /edit/{dictId} endpoint, which does not properly validate whether the requesting user has permission to modify the specified dictId
CVSS 8.8
CVE-2025-28408 WRITEUP CRITICAL
RUoYi 4.8.0 - Privilege Escalation via selectDeptTree Endpoint deptId Parameter
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree method of the /selectDeptTree/{deptId} endpoint, which does not properly validate the deptId parameter
CVSS 9.8
CVE-2025-28409 WRITEUP HIGH
RUoYi 4.8.0 - Privilege Escalation via /add/{parentId} Endpoint
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of the /add/{parentId} endpoint, which does not properly validate whether the requesting user has permission to add a menu item under the specified parentId
CVSS 8.8
CVE-2025-28410 WRITEUP CRITICAL
RUoYi 4.8.0 - Privilege Escalation via cancelAuthUserAll Method
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the cancelAuthUserAll method, which does not properly validate whether the requesting user has administrative privileges
CVSS 9.8
CVE-2025-28411 WRITEUP CRITICAL
RUoYi 4.8.0 - Privilege Escalation via Tool Gen EditSave Method
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method in /tool/gen/editSave
CVSS 9.8
CVE-2025-28412 WRITEUP CRITICAL
RuoYi 4.8.0 - Privilege Escalation via SysNoticeController EditSave Method
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave method in SysNoticeController
CVSS 9.8
CVE-2025-28413 WRITEUP CRITICAL
RUoYi 4.8.0 - Privilege Escalation via SysDictTypeController
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the SysDictTypeController component
CVSS 9.8