NeteaseCVEs & Vulnerabilities

10 CVEs affecting Netease products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

youdao dictionary 3netease cloudalbum 2netease pmail 2netease reader 2neteaseweibo 2cloudmusic 1netease weibohd 1pomelo 1
CVE-2025-45737MEDIUM

An issue in NetEase (Hangzhou) Network Co., Ltd NeacSafe64 Driver before v1.0.0.8 allows attackers to escalate privileges via sending crafted IOCTL commands to the NeacSafe64.sys component.

27 Jun 2025
6.5
CVSS
CVE-2023-47454HIGH

An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory.

1 Dec 2023
7.8
CVSS
CVE-2020-7620CRITICAL

pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It allows injection of arbitrary commands as part of 'pomelo-monitor' params.

3 Apr 2020
9.8
CVSS
CVE-2019-18954MEDIUM

Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious attacker can manipulate internal attributes by adding additional attributes to user input.

14 Nov 2019
5.3
CVSS
CVE-2012-1385CRITICAL

Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) application 1.0.0 for Android has unknown impact and attack vectors.

7 Mar 2012
10.0
CVSS
CVE-2012-1384CRITICAL

Unspecified vulnerability in the NetEase Pmail (com.netease.rpmms) application 0.5.0 and 0.5.2 for Android has unknown impact and attack vectors.

7 Mar 2012
10.0
CVSS
CVE-2012-1383CRITICAL

Unspecified vulnerability in the NetEase Reader (com.netease.pris) application 1.1.2 and 1.2.0 for Android has unknown impact and attack vectors.

7 Mar 2012
10.0
CVSS
CVE-2012-1382CRITICAL

Unspecified vulnerability in the Youdao Dictionary (com.youdao.dict) application 1.6.1, 2.0.1(2), and 3.0.0(1) for Android has unknown impact and attack vectors.

7 Mar 2012
10.0
CVSS
CVE-2012-1381CRITICAL

Unspecified vulnerability in the NetEase CloudAlbum (com.netease.cloudalbum) application 2.0.0 and 2.2.0 for Android has unknown impact and attack vectors.

7 Mar 2012
10.0
CVSS
CVE-2012-1380CRITICAL

Unspecified vulnerability in the NetEaseWeibo (com.netease.wb) application 1.2.1 and 1.2.2 for Android has unknown impact and attack vectors.

7 Mar 2012
10.0
CVSS
← PrevPage 1 / 1Next →