Browse all 3 CVE security advisories affecting Y'S corporation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Y'S corporation develops enterprise resource planning (ERP) software for supply chain management. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access controls. While no major public incidents have been documented, the three CVEs on record highlight persistent security gaps in their web interfaces and authentication mechanisms. Their security posture appears reactive rather than proactive, with patch cycles typically following vulnerability disclosure rather than implementing preventive measures. The company's focus on functionality has occasionally overshadowed security considerations, resulting in vulnerabilities that could allow attackers to compromise sensitive business data or disrupt operations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-20620 | STEALTHONE多款产品 SQL注入漏洞 — STEALTHONE D220CWE-89 | 7.5 | High | 2025-01-14 |
| CVE-2025-20055 | STEALTHONE D220和STEALTHONE D340 操作系统命令注入漏洞 — STEALTHONE D220CWE-78 | 9.8 | Critical | 2025-01-14 |
| CVE-2025-20016 | STEALTHONE多款产品 操作系统命令注入漏洞 — STEALTHONE D220CWE-78 | 7.2 | High | 2025-01-14 |
This page lists every published CVE security advisory associated with Y'S corporation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.