Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-27617

Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to…

Devamını oku

CVE-2022-27618

Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology Storage Analyzer before 2.1.0-0390 allows remote authenticated users…

Devamını oku

CVE-2022-27619

Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified…

Devamını oku

CVE-2022-27620

Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology SSO Server before 2.2.3-0331 allows remote authenticated users…

Devamını oku

CVE-2022-27616

Improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in webapi component in Synology DiskStation Manager (DSM) before 7.0.1-42218-3 allows…

Devamını oku

CVE-2022-29807

A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php. Zafiyet ile…

Devamını oku

CVE-2022-29808

In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2022-30285

In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. This may allow authentication with invalid credentials. Zafiyet ile…

Devamını oku

CVE-2022-2631

Improper Access Control in GitHub repository tooljet/tooljet prior to v1.19.0. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Devamını oku

CVE-2022-30571

The iWay Service Manager Console component of TIBCO Software Inc.’s TIBCO iWay Service Manager contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow…

Devamını oku