Page 136 of 15189 results (0.024 seconds)

CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44207

https://notcve.org/view.php?id=CVE-2023-44207

27 Sep 2023 — Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Vulnerabilidad de cross-site scripting (XSS) almacenada en el nombre del plan de protección. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-5914 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.4EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44206

https://notcve.org/view.php?id=CVE-2023-44206

27 Sep 2023 — Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Divulgación y manipulación de información sensible por autorización indebida. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la compilación 35979. • https://security-advisory.acronis.com/advisories/SEC-5839 • CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44159

https://notcve.org/view.php?id=CVE-2023-44159

27 Sep 2023 — Sensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Divulgación de información confidencial debido al almacenamiento en texto claro de información confidencial. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-5787 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44156

https://notcve.org/view.php?id=CVE-2023-44156

27 Sep 2023 — Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Divulgación de información confidencial debido a spell-jacking. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-5124 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44205

https://notcve.org/view.php?id=CVE-2023-44205

27 Sep 2023 — Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Divulgación de información sensible por autorización inadecuada. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la compilación 35979. • https://security-advisory.acronis.com/advisories/SEC-4321 • CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44161

https://notcve.org/view.php?id=CVE-2023-44161

27 Sep 2023 — Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Manipulación de información confidencial debido a un Cross-Site Request Forgery (CSRF). Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-4084 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44160

https://notcve.org/view.php?id=CVE-2023-44160

27 Sep 2023 — Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Manipulación de información confidencial debido a un Cross-Site Request Forgery (CSRF). Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-4083 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44158

https://notcve.org/view.php?id=CVE-2023-44158

27 Sep 2023 — Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Divulgación de información confidencial debido a un enmascaramiento insuficiente del campo token. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-4071 • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-44157

https://notcve.org/view.php?id=CVE-2023-44157

27 Sep 2023 — Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 35979. Escalada de privilegios locales debido a permisos de carpetas inseguros. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Windows) anterior a la build 35979. • https://security-advisory.acronis.com/advisories/SEC-3956 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-44155

https://notcve.org/view.php?id=CVE-2023-44155

27 Sep 2023 — Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. Se filtra información confidencial a través de archivos de log. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la build 35979. • https://security-advisory.acronis.com/advisories/SEC-3471 • CWE-532: Insertion of Sensitive Information into Log File •