Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credenti
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential v
An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content and conduct denial-of-servic
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecifie
A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files.
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23
An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and
A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecified vectors.
Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obta
Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content and conduct denial-of-service during install
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2
Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7
Insufficiently protected credentials vulnerability in IPSpeaker component in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privil
Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4,
Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information
Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecif
Improper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows man-in-the-middle attackers to hi
Cleartext transmission of sensitive information vulnerability in Export Key functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with admi
Page 1+ Next →