14 matches found
Synology DiskStation Manager Improper Certificate Validation (CVE-2024-10445)
Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS BSM before 1.1-65374 and Synology DiskStation Manager DSM before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to write limited files via...
CVE-2020-10445
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article.php by adding a question mark ? followed by the payload...
CVE-2025-10445 Campcodes Computer Sales and Inventory System us_transac.php sql injection
A weakness has been identified in Campcodes Computer Sales and Inventory System 1.0. Impacted is an unknown function of the file /pages/us_transac.php?action=add. Executing manipulation of the argument Username can lead to SQL injection. The attack may be performed remotely. The exploit has bee...
CVE-2019-10445
A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the scope of a credential with an attacker-specified credentials ID...
CVE-2024-10445
Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS BSM before 1.1-65374 and Synology DiskStation Manager DSM before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to write limited files via...
Synology DiskStation Manager (DSM) File Write Vulnerability (Synology-SA-24:20) - Unreliable Remote Version Check
Synology DiskStation Manager DSM is prone to a file write vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE =...
CVE-2020-10445
The CVE-2020-10445 entry concerns Chadha PHPKB Standard Multi-Language 9. Reflected XSS can be triggered via URI handling in admin/header.php, affecting admin/report-article.php by appending a payload after a question mark. The vulnerability stems from how URIs are processed in that header, enabl...
CVE-2019-10445
CVE-2019-10445 affects the Jenkins Google Kubernetes Engine Plugin (versions ≤ 0.7.0). A missing permission check enables users with Overall/Read to obtain limited information about a credential’s scope by supplying a credentials ID. The issue is specifically a disclosure vulnerability within the...
CVE-2016-10445
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, and SnapdragonHighMed2016, input is no...
CVE-2016-10445
CVE-2016-10445 describes improper input validation in a Qualcomm QTEE API function affecting Android devices with Snapdragon Automotive and Snapdragon Mobile platforms (SD 410/12, 425, 427, 430, 435, 450, 615/16/SD 415, 625, 820, 820A, 835, 845, 850, SDM630/636/660, Snapdragon_High_Med_2016). The...
ruralvia.com XSS vulnerability
Vulnerable URL: http://ruralvia.com/cms/dinamico/generico/ruralvia/es/empresas/segmentos/comercios/seguros/productos/comerciosseguros/seguromultirriesgocomercio.html?portal=/grupo/ruralvia/
Details:
Description | Value
---|---
Patched: | Yes, at 18.03.2016
Latest check for patch: | 18.03.2016 01:37...