{"vulnerability": "CVE-2023-5294", "sightings": [{"uuid": "ff94b00d-4c3f-413f-b137-5cfd8ebbae1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52943", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113593312847342234", "content": "", "creation_timestamp": "2024-12-04T07:13:20.207705Z"}, {"uuid": "c58653f0-4578-494d-9354-5d69820cd864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52944", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113593312862517141", "content": "", "creation_timestamp": "2024-12-04T07:13:20.940912Z"}, {"uuid": "336c8f01-0101-4342-a5b8-133c5d352d9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52946", "type": "seen", "source": "https://t.me/cvedetector/6376", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-52946 - Synology Drive Client Buffer Copy Without Checking Size Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-52946 \nPublished : Sept. 26, 2024, 4:15 a.m. | 40\u00a0minutes ago \nDescription : Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T07:06:01.000000Z"}, {"uuid": "00204207-68e1-4c80-b0ec-f613c904cb1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52943", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113593299967749365", "content": "", "creation_timestamp": "2024-12-04T07:10:03.579845Z"}, {"uuid": "45307199-f80a-4d5e-869b-e6a23c78e8ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52944", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113593299983622109", "content": "", "creation_timestamp": "2024-12-04T07:10:03.931918Z"}, {"uuid": "f38e6ea4-24c0-4245-a135-48f077ec611f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52943", "type": "seen", "source": "https://t.me/cvedetector/11955", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-52943 - Incorrect authorization vulnerability in Alert.Set\", \n  \"Content\": \"CVE ID : CVE-2023-52943 \nPublished : Dec. 4, 2024, 7:15 a.m. | 41\u00a0minutes ago \nDescription : Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vectors. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T09:13:32.000000Z"}, {"uuid": "d53a2a9e-eceb-47ec-8120-ebbb406f5b61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52944", "type": "seen", "source": "https://t.me/cvedetector/11953", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-52944 - Incorrect authorization vulnerability in ActionRul\", \n  \"Content\": \"CVE ID : CVE-2023-52944 \nPublished : Dec. 4, 2024, 7:15 a.m. | 41\u00a0minutes ago \nDescription : Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to perform limited actions on the set action rules function via unspecified vectors. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T09:13:31.000000Z"}, {"uuid": "1c30429a-719c-402d-9147-fc79ea2e1666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52949", "type": "seen", "source": "https://t.me/cvedetector/6372", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-52949 - Synology Active Backup for Business Agent Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-52949 \nPublished : Sept. 26, 2024, 4:15 a.m. | 40\u00a0minutes ago \nDescription : Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T07:05:55.000000Z"}, {"uuid": "14ad1c27-7a35-4a65-80e1-864c32d7885f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52948", "type": "seen", "source": "https://t.me/cvedetector/6371", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-52948 - Synology Active Backup for Business Agent Unauthenticated Local Data Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-52948 \nPublished : Sept. 26, 2024, 4:15 a.m. | 40\u00a0minutes ago \nDescription : Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors. \nSeverity: 5.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T07:05:54.000000Z"}, {"uuid": "4a2baffd-c22d-40b0-b2f7-91758851370c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-52947", "type": "seen", "source": "https://t.me/cvedetector/6370", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-52947 - Synology Active Backup for Business Agent Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2023-52947 \nPublished : Sept. 26, 2024, 4:15 a.m. | 40\u00a0minutes ago \nDescription : Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T07:05:54.000000Z"}]}