|
201
|
7.4 |
HIGH
Local
|
-
|
-
|
A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed JAR file.
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2025-64390
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202
|
- |
|
-
|
-
|
Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defe…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10717
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203
|
- |
|
-
|
-
|
Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 by…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10718
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
204
|
- |
|
-
|
-
|
Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a val…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10719
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
205
|
7.8 |
HIGH
Local
|
-
|
-
|
An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users t…
New
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2022-49036
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
206
|
7.8 |
HIGH
Local
|
-
|
-
|
An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component in Synology Hyper Backup Explorer before 3.0.1-0156 allows local users to execute arbitrary code via u…
New
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2022-49042
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207
|
5.9 |
MEDIUM
Network
|
-
|
-
|
A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential.
New
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2023-52951
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208
|
4.1 |
MEDIUM
Network
|
-
|
-
|
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenti…
New
|
CWE-22
Path Traversal
|
CVE-2024-47263
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209
|
4.3 |
MEDIUM
Network
|
-
|
-
|
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated use…
New
|
CWE-22
Path Traversal
|
CVE-2024-47273
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210
|
4.4 |
MEDIUM
Local
|
-
|
-
|
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior t…
New
|
CWE-843
Type Confusion
|
CVE-2026-45702
|
2026-06-5 00:35 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
