CVE-2023-44214
https://notcve.org/view.php?id=CVE-2023-44214
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. Divulgación de información sensible por falta de autorización. Los siguientes productos se ven afectados: Acronis Agent (Linux, macOS, Windows) antes de la compilación 35739. • https://security-advisory.acronis.com/advisories/SEC-5902 • CWE-862: Missing Authorization •
CVE-2023-44213
https://notcve.org/view.php?id=CVE-2023-44213
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 35739, Acronis Cyber Protect 16 (Windows) before build 37391. Divulgación de información sensible debido a la recopilación excesiva de información del sistema. Los siguientes productos se ven afectados: Acronis Agent (Windows) anterior a la compilación 35739. • https://security-advisory.acronis.com/advisories/SEC-5286 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVE-2023-44211
https://notcve.org/view.php?id=CVE-2023-44211
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 31637, Acronis Cyber Protect 16 (Linux, Windows) before build 37391. Divulgación y manipulación de información sensible por falta de autorización. Los siguientes productos se ven afectados: Acronis Agent (Linux, macOS, Windows) antes de la compilación 31637. • https://security-advisory.acronis.com/advisories/SEC-4061 • CWE-862: Missing Authorization •
CVE-2023-44212
https://notcve.org/view.php?id=CVE-2023-44212
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31477. Divulgación y manipulación de información sensible por falta de autorización. Los siguientes productos se ven afectados: Acronis Agent (Linux, macOS, Windows) antes de la compilación 31477. • https://security-advisory.acronis.com/SEC-2159 https://security-advisory.acronis.com/advisories/SEC-5528 • CWE-862: Missing Authorization •
CVE-2023-43799 – The Altair Desktop Client Does Not Sanitize External URLs before passing them to the underlying system
https://notcve.org/view.php?id=CVE-2023-43799
Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL Client Desktop Application does not sanitize external URLs before passing them to the underlying system. Moreover, Altair GraphQL Client also does not isolate the context of the renderer process. This affects versions of the software running on MacOS, Windows, and Linux. Version 5.2.5 fixes this issue. • https://github.com/altair-graphql/altair/releases/tag/v5.2.5 https://github.com/altair-graphql/altair/security/advisories/GHSA-9m5v-vrf6-fmvm • CWE-20: Improper Input Validation •