432 matches found
CVE-2026-53492 affecting package containerd2 for versions less than 2.2.4-3
CVE-2026-53492 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...
CVE-2026-47262 affecting package containerd2 for versions less than 2.2.4-3
CVE-2026-47262 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...
CVE-2026-50195 affecting package containerd2 for versions less than 2.2.4-3
CVE-2026-50195 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...
CVE-2026-53489 affecting package containerd2 for versions less than 2.2.4-3
CVE-2026-53489 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...
CVE-2026-53488 affecting package containerd2 for versions less than 2.2.4-3
CVE-2026-53488 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...
CVE-2023-52951
A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...
CVE-2026-32250
NamelessMC is website software for Minecraft servers. A Reflected Cross-Site Scripting XSS vulnerability was discovered in version 2.2.4 in the id parameter of the endpoint /index.php?route=/queries/user/. The application reflects user-supplied input from the id parameter into the HTML response...
CVE-2026-40314
NamelessMC is website software for Minecraft servers. In version 2.2.4,core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. modules/Core/queries/reactions.php allows unauthenticated GET requests for...
CVE-2026-33398
NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/pages/forum/getquotes.php only checks whether the caller is logged in, then reads a post by attacker-controlled post ID and returns its content. The backend helper in modules/Forum/classes/Forum.php does not...
CVE-2026-39882 affecting package containerd2 for versions less than 2.2.4-2
CVE-2026-39882 affecting package containerd2 for versions less than 2.2.4-2. A patched version of the package is available...
CVE-2026-33814 affecting package containerd2 for versions less than 2.2.4-2
CVE-2026-33814 affecting package containerd2 for versions less than 2.2.4-2. A patched version of the package is available...
EUVD-2023-60579
A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...
CVE-2023-52951
CVE-2023-52951 affects the Synology Note Station Client prior to version 2.2.4-703, where sensitive data is transmitted in cleartext. This enables network-level (MITM) attackers to obtain user credentials. The CVE lists a CVSS v3.1 base score of 5.9 (MEDIUM) with high confidentiality impact and n...
PT-2026-45929
A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...
CVE-2026-35443
NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level viewothertopics authorization. As a result, in forums where users may enter the forum...
CVE-2026-40571
CVE-2026-40571 (NamelessMC) affects NamelessMC website software for Minecraft servers. In version 2.2.4, the file core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. As a result, authenticated low-privil...
CVE-2026-40571 NamelessMC: Reactions on private or blocking profile posts can be modified without proper authorization
NamelessMC is website software for Minecraft servers. In version 2.2.4, core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. This means that authenticated low-privileged users can add reactions to private...
CVE-2026-35447 NamelessMC: Private or blocking profile pages can be bypassed with direct POST requests, and reply handling allows cross-profile writes
NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page modules/Core/pages/profile.php processes wall post submissions and replies before verifying whether the viewer is authorized to access the profile. This allows any user with the profile.post permission to wri...
CVE-2026-35447
NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page modules/Core/pages/profile.php processes wall post submissions and replies before verifying whether the viewer is authorized to access the profile. This allows any user with the profile.post permission to wri...
EUVD-2026-33982
NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page modules/Core/pages/profile.php processes wall post submissions and replies before verifying whether the viewer is authorized to access the profile. This allows any user with the profile.post permission to wri...