CVE-2024-38645 Notes Station 3

A server-side request forgery SSRF vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to read application data. We have already fixed the vulnerability in the following version: Notes Station 3 3.9.7 and later...

CVE-2024-38646

The CVE-2024-38646 entry affects Notes Station 3. An incorrect permission assignment for a critical resource could allow local authenticated attackers with administrator access to read or modify the resource. Remediation: vulnerability fixed in Notes Station 3 version 3.9.7 and later. Impact deta...

CVE-2024-38646 Notes Station 3

An incorrect permission assignment for critical resource vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow local authenticated attackers who have gained administrator access to read or modify the resource. We have already fixed the vulnerabilit...

CVE-2024-38646 Notes Station 3

An incorrect permission assignment for critical resource vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow local authenticated attackers who have gained administrator access to read or modify the resource. We have already fixed the vulnerabilit...

PT-2024-28098 · Synology · Notes Station

Name of the Vulnerable Software and Affected Versions: Notes Station 3 versions prior to 3.9.7 Description: An OS command injection issue has been reported, which could allow remote authenticated attackers to execute commands if exploited. Recommendations: For versions prior to 3.9.7, update to...

WordPress WPDash Notes Plugin <= 1.3.5 is vulnerable to Broken Access Control

Software WPDash Notes Type Plugin Vulnerable versions = 1.3.5 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9223 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dd5b7e8be1c3 Credits Francesco Carlucci Required privile...

PT-2024-39502 · WordPress · Wpdash Notes

Name of the Vulnerable Software and Affected Versions: WPDash Notes plugin for WordPress versions prior to 1.3.5 Description: The issue is related to a missing capability check on the wp ajax post it list comment function, allowing authenticated attackers with Subscriber-level access and above to...

QNAP Notes Station 安全漏洞

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from a Resource Privilege Assignment Error vulnerability that stems from the...

QNAP Systems QNAP Notes Station 安全漏洞

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. A server-side request forgery vulnerability exists in QNAP Notes Station 3. The vulnerability stems from th...

PT-2024-8865 · Unknown · Notes Station 3

Name of the Vulnerable Software and Affected Versions: Notes Station 3 versions prior to 3.9.7 Description: The issue is related to insufficient validation of incoming requests, which could allow a remote attacker to gain unauthorized access to protected information by spoofing requests on behalf...

QNAP Systems Notes Station 安全漏洞

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from a command injection vulnerability, which stems from the application faili...

QNAP Systems Notes Station 安全漏洞

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from an authentication missing vulnerability that stems from the inclusion of ...

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.8 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.8.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

org.apache.commons:commons-compress Dependency in Bamboo Data Center and Server

This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 of Bamboo Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector o...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.41 bug fix and security update

Red Hat OpenShift Container Platform release 4.14.41 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.23 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

containers-common bug fix and enhancement update

An update is available for containers-common. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

16 bug fix and enhancement update

An update is available for pgaudit, module.pgaudit, module.postgres-decoderbufs, postgres-decoderbufs, pgrepack, module.pgrepack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

15 bug fix and enhancement update

An update is available for pgaudit, module.pgaudit, module.postgres-decoderbufs, postgres-decoderbufs, pgrepack, module.pgrepack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

22 bug fix and enhancement update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For...