Lucene search
K

122 matches found

Fedora
Fedora
added 2023/11/18 1:27 a.m.20 views

[SECURITY] Fedora 38 Update: syncthing-1.26.0-1.fc38

Syncthing replaces other file synchronization services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet. Using syncthing, that control is...

7.5CVSS7.7AI score0.03796EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.31 views

Fedora 37 : syncthing (2023-fa2d7b25d9)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-fa2d7b25d9 advisory. Update to version 1.26.0. Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.26.0 Tenable has extracted the preceding description block...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.10 views

Fedora 38 : syncthing (2023-d58c8eeb7c)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-d58c8eeb7c advisory. Update to version 1.26.0. Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.26.0 Tenable has extracted the preceding description block...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.26 views

Fedora 39 : syncthing (2023-0d46257314)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-0d46257314 advisory. Update to version 1.26.0. Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.26.0 Tenable has extracted the preceding description block...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/06/19 12:0 a.m.25 views

Debian: Security Advisory (DLA-3455-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.21052EPSS
Exploits8References4
OpenVAS
OpenVAS
added 2023/06/17 12:0 a.m.12 views

Fedora: Security Advisory for syncthing (FEDORA-2023-39eb10ec3c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.6AI score0.00778EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/06/17 12:0 a.m.10 views

Fedora: Security Advisory for syncthing (FEDORA-2023-bf86df7ee8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.6AI score0.00778EPSS
Exploits1References2
Debian
Debian
added 2023/06/16 9:31 p.m.43 views

[SECURITY] [DLA 3455-1] golang-go.crypto security update

Debian LTS Advisory DLA-3455-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 16, 2023 https://wiki.debian.org/LTS Package : golang-go.crypto Version : 1:0.0git20181203.505ab14-1+deb10u1 CVE ID : CVE-2019-11840 CVE-2019-11841 CVE-2020-9283 Debian Bug : 95246...

7.5CVSS7AI score0.21052EPSS
Exploits8
Fedora
Fedora
added 2023/06/16 2:22 a.m.32 views

[SECURITY] Fedora 38 Update: syncthing-1.23.5-1.fc38

Syncthing replaces other file synchronization services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet. Using syncthing, that control is...

5.4CVSS7AI score0.00778EPSS
Exploits1
Fedora
Fedora
added 2023/06/16 2:15 a.m.17 views

[SECURITY] Fedora 37 Update: syncthing-1.23.5-1.fc37

Syncthing replaces other file synchronization services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet. Using syncthing, that control is...

5.4CVSS7AI score0.00778EPSS
Exploits1
Veracode
Veracode
added 2023/06/16 2:14 a.m.15 views

Cross-site Scripting (XSS)

github.com/syncthing/syncthing is vulnerable to Cross-site Scripting XSS. The vulnerability is caused by a compromised instance with shared folders hosting malicious files, if the owner of another instance looks over the shared folder settings and moves the mouse over the latest sync, this allows...

5.4CVSS6.4AI score0.00778EPSS
Exploits1References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.12 views

Fedora 37 : syncthing (2023-bf86df7ee8)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-bf86df7ee8 advisory. Update to version 1.23.5. Addresses CVE-2022-46165. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

5.4CVSS5.7AI score0.00778EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.13 views

Fedora 38 : syncthing (2023-39eb10ec3c)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-39eb10ec3c advisory. Update to version 1.23.5. Addresses CVE-2022-46165. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

5.4CVSS5.7AI score0.00778EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2023/06/16 12:0 a.m.3 views

Security update for syncthing (moderate)

openSUSE Security Update: Security update for syncthing Announcement ID: openSUSE-SU-2023:0126-1 Rating: moderate References: 1212085 Cross-References: CVE-2022-46165 CVSS scores: CVE-2022-46165 NVD : 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N CVE-2022-46165 SUSE: 4.6...

4.6CVSS6.1AI score0.00778EPSS
Exploits1References1
OSV
OSV
added 2023/06/12 2:1 p.m.4 views

OPENSUSE-SU-2023:0126-1 Security update for syncthing

This update for syncthing fixes the following issues: - Update to 1.13.5 This release fixes CVE-2022-46165 “Cross-site Scripting XSS in Web GUI” Bugfixes: 8503: 'syncthing cli config devices add' reflect error when using --addresses flag 8764: Ignore patterns creating during folder addition are n...

5.4CVSS5.5AI score0.00778EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/06/07 2:24 a.m.2 views

SUSE CVE-2022-46165

Syncthing is an open source, continuous file synchronization program. In versions prior to 1.23.5 a compromised instance with shared folders could sync malicious files which contain arbitrary HTML and JavaScript in the name. If the owner of another device looks over the shared folder settings and...

4.6CVSS6AI score0.00778EPSS
Exploits1References4
NVD
NVD
added 2023/06/06 6:15 p.m.13 views

CVE-2022-46165

Syncthing is an open source, continuous file synchronization program. In versions prior to 1.23.5 a compromised instance with shared folders could sync malicious files which contain arbitrary HTML and JavaScript in the name. If the owner of another device looks over the shared folder settings and...

5.4CVSS4.8AI score0.00778EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2023/06/06 6:15 p.m.20 views

CVE-2022-46165

Syncthing is an open source, continuous file synchronization program. In versions prior to 1.23.5 a compromised instance with shared folders could sync malicious files which contain arbitrary HTML and JavaScript in the name. If the owner of another device looks over the shared folder settings and...

5.4CVSS6.5AI score0.00778EPSS
Exploits1
Prion
Prion
added 2023/06/06 6:15 p.m.17 views

Cross site scripting

Syncthing is an open source, continuous file synchronization program. In versions prior to 1.23.5 a compromised instance with shared folders could sync malicious files which contain arbitrary HTML and JavaScript in the name. If the owner of another device looks over the shared folder settings and...

4.9CVSS5.2AI score0.00778EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2023/06/06 6:15 p.m.17 views

CVE-2022-46165

Syncthing is an open source, continuous file synchronization program. In versions prior to 1.23.5 a compromised instance with shared folders could sync malicious files which contain arbitrary HTML and JavaScript in the name. If the owner of another device looks over the shared folder settings and...

5.4CVSS5.5AI score0.00778EPSS
Exploits1References3
Rows per page
Query Builder