Photon OS 5.0: Curl PHSA-2026-5.0-0785

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0785. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2025-54756

BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. The latest release fixes this issue for new installations; users of old installations are encouraged to change all...

Western Digital My Cloud 命令注入漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud OS 5, which originates from a remote command injection vulnerability in a CGI file in the device...

多款Western Digital产品路径遍历漏洞

Western Digital My Cloud is a personal cloud storage device.Western Digital My Cloud Home is an easy-to-use personal cloud storage device.SanDisk ibi is a smart photo manager and media storage drive from SanDisk Corporation. SanDisk ibi and others are products of SanDisk Corporation.SanDisk ibi i...

CVE-2022-29842

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability that could allow an attacker to execute code in the context of the root user on a vulnerable CGI file was discovered in Western Digital My Cloud OS 5 devicesThis issue affects My Cloud OS 5: before...

Western Digital My Cloud 命令注入漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud OS 5 prior to version 5.26.119, which stems from a command injection vulnerability that could allow an attacker to execute code against vulnerable CGI file...

CVE-2021-36226

Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files...

CVE-2022-29844

A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write arbitrary files. This could lead to a full NAS compromise and would give remote execution capabilities to the attacker...

Western Digital My Cloud 后置链接漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital. A backlink vulnerability exists in Western Digital My Cloud OS 5 due to insufficient file validation during file uploads in the native language combination provided by SMB and AFP in its default configuration. A...

Western Digital My Cloud 授权问题漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital, Inc. Western Digital My Cloud OS 5 is vulnerable to authorization issues that could be exploited by attackers to remotely execute code and escalate privileges...

Western Digital My Cloud 后置链接漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital, Inc. A backlink vulnerability exists in Western Digital My Cloud OS 5 that could be exploited by attackers to cause code execution and information disclosure...

CVE-2018-4336

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...