16 matches found
CVE-2024-47273
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
CVE-2024-47273
CVE-2024-47273 concerns Synology Hyper Backup’s Backup Task component. The vulnerability arises from an improper limitation of a pathname to a restricted directory (a path traversal issue) that, in versions prior to 4.1.2-4036, enables remote authenticated users to write specific files via unspec...
EUVD-2024-55608
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
CVE-2024-47273
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
CVE-2024-47273
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
PT-2026-45931
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
EUVD-2022-53881
Malicious code in bioql PyPI...
CVE-2022-49039
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors...
CVE-2022-49039
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors...
CVE-2022-49041
Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors...
CVE-2022-49041
Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors...
CVE-2022-49039
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors...
CVE-2022-49039
Affected software: Synology Drive Client (backup task management). The issue is an out-of-bounds write vulnerability in the backup task management functionality prior to version 3.4.0-15721. Exploitation requires local access with administrator privileges and can allow arbitrary command execution...
CVE-2022-49039
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors...
PT-2024-11895 · Synology · Synology Drive Client
Name of the Vulnerable Software and Affected Versions: Synology Drive Client versions prior to 3.4.0-15721 Description: A buffer copy without checking the size of the input, also known as a 'Classic Buffer Overflow', exists in the backup task management functionality. This issue allows local user...
Logic design vulnerability in CSCMS Skin.php file
Cheng's CMS content management system referred to as CSCMS is a multi-functional network information management system developed by Chongsheng Network Technology. A logical design vulnerability exists in the CSCMS Skin.php file. The vulnerability is due to unfiltered processing of user-supplied...