CVE-2024-10442

Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the...

CVE-2024-10442

Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the...

CVE-2024-10442

CVE-2024-10442 affects Synology Replication Service and Synology Unified Controller (DSMUC). The vulnerability is an off-by-one error in the transmission component that can allow remote attackers to execute arbitrary code. Affected versions include Replication Service before 1.0.12-0066, 1.2.2-03...

CVE-2024-10442

Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the...

Synology Replication Service 安全漏洞

Synology Replication Service is a software from Synology China used to synchronize files between different NAS or storage devices. It is used to ensure data consistency and synchronization between different storage devices. A security vulnerability exists in Synology Replication Service, which...

PT-2025-11958

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions prior to 12.3.1 Description A deserialization flaw exists in Veeam Backup & Replication, where the application improperly handles serialized data. This allows an authenticated domain user or a member of the...

Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

Really interesting research: "How WEIRD is Usable Privacy and Security Research?" by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract : In human factor fields such as human-computer interaction HCI and psychology, researchers have been concerned that participants mostly come from...

RLSA-2025:1671 Important: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-33850 DESCRIPTION: IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. B...

Security Bulletin: InfoSphere Data Replication is affected by postgresql vulnerbility

Summary InfoSphere Data Replication uses postgresql. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-1597 DESCRIPTION: PostgreSQL JDBC Driver PgJDBC is vulnerable to SQL injection. A remote attacker could send specially crafted SQL...

Security Bulletin: InfoSphere Data Replication is affected by a Snappy-Java vulnerability (CVE-2023-43642)

Summary InfoSphere Data Replication uses Snappy-Java. This bulletin identifies the steps to take to address the vulnerability in that package. Vulnerability Details CVEID:CVE-2023-43642 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by missing upper bound check on chunk...

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...

CVE-2024-48248

CVE-2024-48248 affects NAKIVO Backup & Replication prior to 11.0.0.88174. The vulnerability is an absolute path traversal via getImageByPath to /c/router, leading to unauthenticated arbitrary file read with potential remote code execution across the enterprise when cleartext credentials are expos...

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...

Nakivo Backup & Replication 安全漏洞

Nakivo Backup & Replication is a reliable, fast and affordable virtual machine backup solution from Nakivo, U.S.A. NAKIVO Backup & Replication provides reliable, fast and affordable virtual machine data protection for VMware environments. Specifically designed for virtualization, the product...

NAKIVO Backup & Replication < 11.0.0.88174 Arbitrary File Read

NAKIVO Backup & Replication versions prior to 11.0.0.88174 are vulnerable are affected by a vulnerability allowing an unauthenticated attacker to read arbitrary files on the system via a specially crafted request. No source data...

PT-2025-8692 · Nakivo · Nakivo Backup & Replication

Name of the Vulnerable Software and Affected Versions: NAKIVO Backup & Replication versions prior to 11.0.0.88174 Description: The issue is related to an absolute path traversal vulnerability in NAKIVO Backup & Replication, allowing unauthorized access to sensitive files. This may lead to remote...

Release Information for Proxmox Virtual Environment Plug-In v12.1.3.217

Update: 2025-03-19 Consider the following regarding the Proxmox Virtual Environment Plug-In: The Plug-in build on this page, 12.1.3.217, is included automatically when upgrading to or installing Veeam Backup & Replication 12.3.1. The Plug-in only needs to be manually deployed by customers still...

mysql: Group Replication GCS unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication GCS. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...