Lucene search
+L

21846 matches found

EUVD
EUVD
added 2026/05/27 8:43 a.m.23 views

EUVD-2025-209962

An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content during installation...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 8:43 a.m.18 views

CVE-2025-66592

CVE-2025-66592 : An origin validation error affects Synology Active Backup for Business Agent prior to version 3.1.0-4967. The flaw allows local users to write arbitrary files with restricted content during installation, indicating a path traversal/origin-check weakness in the installer process. ...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 8:43 a.m.15 views

CVE-2025-66592

An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 8:38 a.m.16 views

EUVD-2025-209958

Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content when installing...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 8:38 a.m.14 views

CVE-2025-13593

Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 8:26 a.m.36 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS0.00112EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 8:26 a.m.15 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 8:25 a.m.32 views

CVE-2023-52945

CVE-2023-52945 describes an "Uncontrolled search path element" vulnerability in the OpenSSL DLL component of Synology BeeDrive for desktop, affecting versions prior to 1.3.2-13814. The issue enables local users to trigger arbitrary code execution via unspecified vectors, with a local attack poten...

7.8CVSS6.2AI score0.00139EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 8:25 a.m.16 views

CVE-2023-52945

Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS6.2AI score0.00139EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43585

Name of the Vulnerable Software and Affected Versions Synology ActiveProtect Agent versions prior to 1.1.0-0439 Description An origin validation error occurs during installation, allowing local users to write arbitrary files with restricted content. Recommendations Update to version 1.1.0-0439 or...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Synology Assistant 访问控制错误漏洞

Synology Assistant is a network storage device discovery and management tool provided by the Chinese company Synology. Versions of Synology Assistant prior to 7.0.6-50085 contained a access control vulnerability caused by a source verification error. This vulnerability could allow local users to...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-43590

Name of the Vulnerable Software and Affected Versions Synology Active Backup for Business Agent versions prior to 3.1.0-4967 Description An origin validation error occurs during installation, which allows local users to write arbitrary files containing restricted content. Recommendations Update t...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Synology Active Backup for Business Agent 访问控制错误漏洞

Synology Active Backup for Business Agent is an enterprise data backup and recovery management platform developed by Synology, a Chinese company. Versions of Synology Active Backup for Business Agent prior to 3.1.0-4967 contained a access control vulnerability caused by a source verification erro...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.38 views

PT-2026-43976

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise versions 13.0.1.0 through 13.0.7.0 Description Sensitive information is stored in log files, which may allow a local user to read this data. Recommendations At the moment, there is no information about a newer versio...

5.5CVSS5.8AI score0.001EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Synology ActiveProtect Agent 访问控制错误漏洞

Synology ActiveProtect Agent is a terminal data backup and recovery agent provided by the Chinese company Synology. Versions of Synology ActiveProtect Agent prior to 1.1.0-0439 contained a access control vulnerability caused by a source validation error. This vulnerability could allow local users...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43577

Name of the Vulnerable Software and Affected Versions Synology BeeDrive for desktop versions prior to 1.3.2-13814 Description A flaw in the redis-server component allows local users to perform denial-of-service attacks, which occur when a system is overwhelmed to the point of becoming unavailable...

6.8CVSS5.4AI score0.00112EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43591

Name of the Vulnerable Software and Affected Versions Synology Assistant versions prior to 7.0.6-50085 Description An origin validation error allows local users to write arbitrary files with restricted content during the installation process. Recommendations Update to version 7.0.6-50085 or later...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.19 views

CVE-2026-9490

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message message type 0x03 to the pipe, causing the service ...

6.8CVSS5.8AI score0.00173EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.12 views

CVE-2026-9489

NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with ...

8.5CVSS6.3AI score0.0012EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

HP LaserJet Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-4829)

HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors. This plugin only...

1.5CVSS5.9AI score0.00324EPSS
Exploits0References2
Rows per page
Query Builder