PT-2025-12669 · Kentico · Kentico Xperience

Name of the Vulnerable Software and Affected Versions: Kentico Xperience versions through 13.0.178 Description: An authentication bypass issue in Kentico Xperience allows attackers to bypass authentication via the Staging Sync Server component's password handling for the server-defined None type...

PT-2025-12671

Name of the Vulnerable Software and Affected Versions Kentico Xperience versions prior to 13.0.179 Description An authenticated remote code execution issue allows authenticated users of the Staging Sync Server to upload arbitrary data to path relative locations. This leads to path traversal and...

CVE-2024-39669

In the Console in Soffid IAM before 3.5.39, necessary checks were not applied to some Java objects. A malicious agent could possibly execute arbitrary code in the Sync Server and compromise security...

CVE-2024-39669

In the Console in Soffid IAM before 3.5.39, necessary checks were not applied to some Java objects. A malicious agent could possibly execute arbitrary code in the Sync Server and compromise security...

Sinter - A User-Mode Application Authorization System For MacOS Written In Swift

Sinter is a 100% user-mode endpoint security agent for macOS 10.15 and above, written in Swift. Sinter uses the user-mode EndpointSecurity API to subscribe to and receive authorization callbacks from the macOS kernel, for a set of security-relevant event types. The current version of Sinter...

Sybase M-Business Anywhere (AvantGo) Sync Server Detection

The remote service is a Sybase M-Business Anywhere formerly AvantGo Sync Server, which handles synchronization requests from a mobile device and determines whether to obtain requested pages from the source web server or from a shared cache on the Sync Server itself. C Tenable Network Security, In...