Aggregates CVE and security vulnerability intelligence across all netease-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk command injection and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-45737 | An issue in NetEase (Hangzhou) Network Co., Ltd NeacSafe64 Driver before v1.0.0.8 allows attackers to escalate privileges via sending crafted IOCTL commands to the NeacSafe64.sys component. | [email protected] | 6.5 | 0.38% | 2025-06-27 | 2025-10-15 |
| CVE-2023-47454 | An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory. | [email protected] | 7.8 | 0.06% | 2023-11-30 | 2024-11-21 |
| CVE-2020-7620 | pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It allows injection of arbitrary commands as part of 'pomelo-monitor' params. | [email protected] | 9.8 | 2.06% | 2020-04-02 | 2024-11-21 |
| CVE-2019-18954 | Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious attacker can manipulate internal attributes by adding additional attributes to user input. | [email protected] | 5.3 | 0.43% | 2019-11-14 | 2024-11-21 |
| CVE-2012-1385 | Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) application 1.0.0 for Android has unknown impact and attack vectors. | [email protected] | 10.0 | 0.43% | 2012-03-07 | 2026-04-29 |
| CVE-2012-1384 | Unspecified vulnerability in the NetEase Pmail (com.netease.rpmms) application 0.5.0 and 0.5.2 for Android has unknown impact and attack vectors. | [email protected] | 10.0 | 0.43% | 2012-03-07 | 2026-04-29 |
| CVE-2012-1383 | Unspecified vulnerability in the NetEase Reader (com.netease.pris) application 1.1.2 and 1.2.0 for Android has unknown impact and attack vectors. | [email protected] | 10.0 | 0.33% | 2012-03-07 | 2026-04-29 |
| CVE-2012-1382 | Unspecified vulnerability in the Youdao Dictionary (com.youdao.dict) application 1.6.1, 2.0.1(2), and 3.0.0(1) for Android has unknown impact and attack vectors. | [email protected] | 10.0 | 0.33% | 2012-03-07 | 2026-04-29 |
| CVE-2012-1381 | Unspecified vulnerability in the NetEase CloudAlbum (com.netease.cloudalbum) application 2.0.0 and 2.2.0 for Android has unknown impact and attack vectors. | [email protected] | 10.0 | 0.43% | 2012-03-07 | 2026-04-29 |
| CVE-2012-1380 | Unspecified vulnerability in the NetEaseWeibo (com.netease.wb) application 1.2.1 and 1.2.2 for Android has unknown impact and attack vectors. | [email protected] | 10.0 | 0.33% | 2012-03-07 | 2026-04-29 |