|
1591
|
6.1 |
MEDIUM
Local
|
-
|
-
|
An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content during installation.
|
CWE-346
Origin Validation Error
|
CVE-2025-66592
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1592
|
6.1 |
MEDIUM
Local
|
-
|
-
|
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content during installation.
|
CWE-346
Origin Validation Error
|
CVE-2025-66593
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1593
|
6.2 |
MEDIUM
Local
|
-
|
-
|
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local attackers to obtain sensitive informatio…
|
CWE-598
Information Exposure Through Query Strings in GET Request
|
CVE-2026-2237
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1594
|
8.0 |
HIGH
Adjacent
|
-
|
-
|
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-3012
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1595
|
4.2 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote at…
|
CWE-1288
Improper Validation of Consistency within Input
|
CVE-2026-9689
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1596
|
7.1 |
HIGH
Network
|
-
|
-
|
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem wri…
|
CWE-284
Improper Access Control
|
CVE-2026-1933
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1597
|
6.8 |
MEDIUM
Network
|
-
|
-
|
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-an…
|
CWE-89
SQL Injection
|
CVE-2026-9617
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1598
|
6.8 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token …
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-9704
|
2026-05-27 23:54 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1599
|
5.3 |
MEDIUM
Network
|
-
|
-
|
IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-28765
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1600
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log…
|
CWE-521
Weak Password Requirements
|
CVE-2024-40684
|
2026-05-27 23:53 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
