QNAP Qsync Central 代码问题漏洞

QNAP Qsync Central is a cloud-based file synchronization service on a NAS from Taiwan, China-based QNAP Technology QNAP. A code issue vulnerability exists in QNAP Qsync Central versions prior to 5.0.0.1 that stems from a null pointer dereference and could lead to a denial of service attack...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an unrestricted resource allocation vulnerability that can be exploited by an attacker to prevent other systems, applications, o...

QNAP Qsync Central Denial of Service Vulnerability

QNAP Qsync Central is a private cloud synchronization service launched by QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices. A denial of service vulnerability exists in QNAP Qsync Central, which stems from uncontrolled resource consumption and can...

QNAP Qsync Central 代码问题漏洞

QNAP Qsync Central is a private cloud synchronization service launched by QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices. A null pointer dereference vulnerability exists in QNAP Qsync Central, which can be exploited by attackers to cause a deni...

CVE-2025-26620 Duende.AccessTokenManagement race condition when concurrently retrieving customized Client Credentials Access Tokens

Duende.AccessTokenManagement is a set of .NET libraries that manage OAuth and OpenId Connect access tokens. Duende.AccessTokenManagement contains a race condition when requesting access tokens using the client credentials flow. Concurrent requests to obtain an access token using differing protoco...

PT-2025-7217 · Duende · Duende.Accesstokenmanagement

Name of the Vulnerable Software and Affected Versions: Duende.AccessTokenManagement affected versions not specified Description: Duende.AccessTokenManagement contains a race condition when requesting access tokens using the client credentials flow. Concurrent requests to obtain an access token...

Pentagon Subcontractor Inadvertently Leaks 11 Gigs of Sensitive Data

A slew of sensitive data pertaining to psychologists, doctors and other healthcare professionals involved with an arm of the U.S. Department of Defense was recently left unsecured online. Chris Vickery, a security researcher with MacKeeper who has stumbled across unsecured internal databases...

ntp: Multiple buffer overflows via specially-crafted packets

Multiple buffer overflow flaws were discovered in ntpd's cryptorecv, ctlputdata, and configure functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user...

RAPI Manager Detection

The remote service supports the Remote Applications Programming Interfaces RAPI protocol and is used by the host to manage connections from Windows Mobile / Windows CE devices. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if descripti...

Forefront Identity Manager 2010 Synchronization Service Update (KB978864)

Forefront Identity Manager 2010 Synchronization Service Update KB978864...

FIM2010R2-SynchronizationService-Existence-Detectoid

This detectoid detects the existence of FIM 2010 R2 Synchronization Service + any subsequent cumulative updates prior to SP1...

FIM-SynchronizationService-Existence-Detectoid

Checks for FIM Synchronization Service existence...

Update Rollup 2 for Forefront Identity Manager 2010 Synchronization Service (KB2635086)

This is a recommended update for Forefront Identity Manager 2010. This release includes all changes made since RTM...