Lucene search
K

21831 matches found

Cvelist
Cvelist
added 2026/05/27 8:26 a.m.34 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS0.00112EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 8:26 a.m.14 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 8:25 a.m.15 views

CVE-2023-52945

Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS6.2AI score0.00139EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 8:25 a.m.27 views

CVE-2023-52945

CVE-2023-52945 describes an "Uncontrolled search path element" vulnerability in the OpenSSL DLL component of Synology BeeDrive for desktop, affecting versions prior to 1.3.2-13814. The issue enables local users to trigger arbitrary code execution via unspecified vectors, with a local attack poten...

7.8CVSS6.2AI score0.00139EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-43590

Name of the Vulnerable Software and Affected Versions Synology Active Backup for Business Agent versions prior to 3.1.0-4967 Description An origin validation error occurs during installation, which allows local users to write arbitrary files containing restricted content. Recommendations Update t...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Synology Assistant 访问控制错误漏洞

Synology Assistant is a network storage device discovery and management tool provided by the Chinese company Synology. Versions of Synology Assistant prior to 7.0.6-50085 contained a access control vulnerability caused by a source verification error. This vulnerability could allow local users to...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-43591

Name of the Vulnerable Software and Affected Versions Synology Assistant versions prior to 7.0.6-50085 Description An origin validation error allows local users to write arbitrary files with restricted content during the installation process. Recommendations Update to version 7.0.6-50085 or later...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.31 views

PT-2026-43976

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise versions 13.0.1.0 through 13.0.7.0 Description Sensitive information is stored in log files, which may allow a local user to read this data. Recommendations At the moment, there is no information about a newer versio...

5.5CVSS5.8AI score0.001EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Synology Active Backup for Business Agent 访问控制错误漏洞

Synology Active Backup for Business Agent is an enterprise data backup and recovery management platform developed by Synology, a Chinese company. Versions of Synology Active Backup for Business Agent prior to 3.1.0-4967 contained a access control vulnerability caused by a source verification erro...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Synology ActiveProtect Agent 访问控制错误漏洞

Synology ActiveProtect Agent is a terminal data backup and recovery agent provided by the Chinese company Synology. Versions of Synology ActiveProtect Agent prior to 1.1.0-0439 contained a access control vulnerability caused by a source validation error. This vulnerability could allow local users...

6.1CVSS5.8AI score0.00086EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43585

Name of the Vulnerable Software and Affected Versions Synology ActiveProtect Agent versions prior to 1.1.0-0439 Description An origin validation error occurs during installation, allowing local users to write arbitrary files with restricted content. Recommendations Update to version 1.1.0-0439 or...

6.1CVSS5.9AI score0.00086EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43577

Name of the Vulnerable Software and Affected Versions Synology BeeDrive for desktop versions prior to 1.3.2-13814 Description A flaw in the redis-server component allows local users to perform denial-of-service attacks, which occur when a system is overwhelmed to the point of becoming unavailable...

6.8CVSS5.4AI score0.00112EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.16 views

CVE-2026-9490

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message message type 0x03 to the pipe, causing the service ...

6.8CVSS5.8AI score0.00173EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-9489

NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with ...

8.5CVSS6.3AI score0.0012EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

HP LaserJet Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-4829)

HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors. This plugin only...

1.5CVSS5.9AI score0.00324EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/25 1:50 a.m.10 views

CVE-2026-9489

NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with ...

8.5CVSS6.3AI score0.0012EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

The nftablesnewset function in net/netfilter/nftablesapi.c in the Linux kernel before version 5.12.13 allows local users to cause a denial of service due to NULL pointer dereferencing and general protection faults, caused by the absence of initialization for nftsetelemexpralloc. A local user can...

5.5CVSS6.3AI score0.00316EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in sudo

In Sudo before 1.9.12p2, the sudoedit also known as -e feature improperly handles additional arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR. This allows a local attacker to append arbitrary entries to the list of files to process. This can lead to...

7.8CVSS7.5AI score0.55367EPSS
Exploits20References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in the screen

The socket.c file in GNU Screen, as of version 4.9.0, can be executed with the setuid or setgid flag set the default on platforms like Arch Linux and FreeBSD. This allows local users to send a privileged SIGHUP signal to any process ID, potentially causing a denial of service or disrupting the...

6.5CVSS6.6AI score0.0054EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in SQLite

The osunix.c file in SQLite before version 3.13.0 improperly implements the temporary directory search algorithm. This may allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impacts by leveraging the current working directory...

5.9CVSS6.6AI score0.0048EPSS
Exploits0References2
Rows per page
Query Builder