14 matches found
CVE-2026-2237
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...
CVE-2026-2237
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...
CVE-2026-2237
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...
CVE-2026-2237
CVE-2026-2237 : A vulnerability in the Synology Storage Manager package (volume encryption) prior to version 1.0.1-1100 arises from using GET requests with sensitive query strings. This allows a local attacker to read sensitive information. Documents identify the affected component as the Storage...
CVE-2026-2237
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...
CVE-2026-2237
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...
EUVD-2026-32153
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local attackers to obtain sensitive information...
PT-2026-43592
Name of the Vulnerable Software and Affected Versions Synology Storage Manager versions prior to 1.0.1-1100 Description A flaw in the volume encryption component allows local attackers to obtain sensitive information. This occurs because the application uses the GET request method with sensitive...
EUVD-2022-32119
Malicious code in bioql PyPI...
Virtuozzo Hybrid Infrastructure 6.3 (6.3.0-170)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service and our ecosystem of backup and disaster recovery solutions. Additionally, this release delivers stability and security improvements, and addresses issues found in previous releases...
CVE-2022-27618
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology Storage Analyzer before 2.1.0-0390 allows remote authenticated users to delete arbitrary files via unspecified vectors...
Path traversal
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology Storage Analyzer before 2.1.0-0390 allows remote authenticated users to delete arbitrary files via unspecified vectors...
CVE-2022-27618
CVE-2022-27618 affects Synology Storage Analyzer prior to 2.1.0-0390. The vulnerability is a Path Traversal in the webapi component that, if exploited by remote authenticated users, enables deletion of arbitrary files. The issue stems from improper restriction of pathnames to restricted directori...
CVE-2022-27618
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology Storage Analyzer before 2.1.0-0390 allows remote authenticated users to delete arbitrary files via unspecified vectors...