Filtered by vendor N-able
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-47132 | 1 N-able | 1 N-central | 2024-08-27 | N/A | 9.8 CRITICAL |
| An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls. | |||||
| CVE-2024-28200 | 1 N-able | 1 N-central | 2024-08-22 | N/A | 9.8 CRITICAL |
| The N-central server is vulnerable to an authentication bypass of the user interface. This vulnerability is present in all deployments of N-central prior to 2024.2. This vulnerability was discovered through internal N-central source code review and N-able has not observed any exploitation in the wild. | |||||
| CVE-2023-47131 | 4 Google, Microsoft, Mozilla and 1 more | 4 Chrome, Edge, Firefox and 1 more | 2024-08-19 | N/A | 7.5 HIGH |
| The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file. | |||||
| CVE-2023-27470 | 2 Microsoft, N-able | 2 Windows, Take Control | 2024-02-28 | N/A | 7.0 HIGH |
| BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion. | |||||
| CVE-2023-30297 | 1 N-able | 1 N-central | 2024-02-28 | N/A | 7.0 HIGH |
| An issue found in N-able Technologies N-central Server before 2023.4 allows a local attacker to execute arbitrary code via the monitoring function of the server. | |||||