18 matches found
CData Sync < 23.4.8843 - Path Traversal
A path traversal vulnerability exists in the Java version of CData Sync CData - Sync' - ra...
CVE-2025-53077
An execution after redirect in Samsung DMSData Management Server allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability...
CVE-2023-52943
Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vectors...
CVE-2023-52944
Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to perform limited actions on the set action rules function via unspecified vectors...
CVE-2023-52943
Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vectors...
CVE-2023-52943
The CVE-2023-52943 vulnerability affects Synology Surveillance Station, specifically the Alert.Setting webapi component. Affected versions are prior to 9.2.0-11289 and 9.2.0-9289. The issue is described as an incorrect authorization vulnerability that allows remote authenticated users to perform ...
GitLab 9.5 < 12.9.8 / 12.10 < 12.10.7 / 13.0 < 13.0.1 (CVE-2020-13263)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perfo...
CVE-2024-31851
A path traversal vulnerability exists in the Java version of CData Sync 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...
CVE-2024-31851
CVE-2024-31851 – Path traversal in CData Sync (Java, embedded Jetty) Affected software: CData Sync Java edition prior to 23.4.8843 running with the embedded Jetty server. Vulnerability: Path traversal vulnerability allowing an unauthenticated remote attacker to access sensitive information and pe...
CVE-2024-31851
A path traversal vulnerability exists in the Java version of CData Sync 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...
CVE-2024-31850
A path traversal vulnerability exists in the Java version of CData Arc 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...
BIT-GITLAB-2020-13263
An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perform limited actions...
CVE-2020-11635
The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges...
CVE-2020-13263
An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perform limited actions...
CVE-2020-13263
An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perform limited actions...
Authorization
An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perform limited actions...
CVE-2020-13263
An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perform limited actions...
CVE-2020-13263
Removed by vendor...