CVE-2025-32406

An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1 before 11.0.2 allows remote attackers fetch and parse the XML response...

Vulnerability Scanner Detection Related to CVE-2024-7264

Support Statement This Veeam KB article was created to address customers' concerns regarding the detection of the libcurl library by their security software on VMware Backup Proxies, where the VMware VDDK package is installed. Libcurl is a component of VMware VDDK Virtual Disk Development Kit,...

Important: Red Hat Security Advisory: VolSync 0.12.1 security fixes and enhancements for RHEL 9

VolSync v0.12 general availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVE-2024-10442

Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the...

Vulnerability fixed in Veeam Backup & Replication

Veeam has fixed a vulnerability in Veeam Backup & Replication. The vulnerability is located in the authorization mechanism of the Backup & Replication software and allows a domain user to execute arbitrary code on the system where Backup & Replication is implemented. Veeam has released critical...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication that originates from allowing remote code execution...

Vulnerability fixed in Synology Replication Service and Synology Unified Controller

Synology has fixed a vulnerability in Synology Replication Service and Synology Unified Controller. The vulnerability is located in an off-by-one flaw in the Synology Replication Service and Synology Unified Controller, which allows remote attackers to execute arbitrary code. This can lead to...

CVE-2024-10442

Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the...

CVE-2024-10442

Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the...

CVE-2024-10442

Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the...

CVE-2024-10442

CVE-2024-10442 affects Synology Replication Service and Synology Unified Controller (DSMUC). The vulnerability is an off-by-one error in the transmission component that can allow remote attackers to execute arbitrary code. Affected versions include Replication Service before 1.0.12-0066, 1.2.2-03...

CVE-2024-10442

Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the...

Synology Replication Service 安全漏洞

Synology Replication Service is a software from Synology China used to synchronize files between different NAS or storage devices. It is used to ensure data consistency and synchronization between different storage devices. A security vulnerability exists in Synology Replication Service, which...

PT-2025-11958

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions prior to 12.3.1 Description A deserialization flaw exists in Veeam Backup & Replication, where the application improperly handles serialized data. This allows an authenticated domain user or a member of the...

Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

Really interesting research: "How WEIRD is Usable Privacy and Security Research?" by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract : In human factor fields such as human-computer interaction HCI and psychology, researchers have been concerned that participants mostly come from...

RLSA-2025:1671 Important: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-33850 DESCRIPTION: IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. B...

Security Bulletin: InfoSphere Data Replication is affected by postgresql vulnerbility

Summary InfoSphere Data Replication uses postgresql. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-1597 DESCRIPTION: PostgreSQL JDBC Driver PgJDBC is vulnerable to SQL injection. A remote attacker could send specially crafted SQL...

Security Bulletin: InfoSphere Data Replication is affected by a Snappy-Java vulnerability (CVE-2023-43642)

Summary InfoSphere Data Replication uses Snappy-Java. This bulletin identifies the steps to take to address the vulnerability in that package. Vulnerability Details CVEID:CVE-2023-43642 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by missing upper bound check on chunk...

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...