| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-12975 | imp | 0.55 | 8.5 | 0.00 | Jun 10, 2026 | Apicurio/apicurio-registry: apicurio-registry: Unhardened SAXParser in content-type detection leads to blind XXE / SSRF / billion-laughs DoS | ||
| CVE-2026-12992 | imp | 0.48 | 7.4 | 0.00 | Jun 10, 2026 | Apicurio/apicurio-registry: apicurio-registry: SSRF via wsdl4j import dereference in WSDL FULL validation | ||
| CVE-2026-12993 | mod | 0.42 | 6.5 | 0.00 | Jun 10, 2026 | Apicurio/apicurio-registry: apicurio-registry: XML entity-expansion denial of service via internal DTD subset | ||
| CVE-2026-24067 | Hig | 0.55 | 8.4 | 0.00 | Jun 10, 2026 | Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's… | ||
| CVE-2026-24066 | Hig | 0.55 | 8.4 | 0.00 | Jun 10, 2026 | Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by checking only the subject.OU… | ||
| CVE-2026-11859 | Low | 0.13 | — | 0.00 | Jun 10, 2026 | An HTML injection vulnerability in the "fetch links" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in emails clients that render HTML emails. This issue affects Canarytokens: from Docker tag sha-c0f3cf142… | ||
| CVE-2026-3018 | Hig | 0.42 | 7.5 | 0.01 | Jun 10, 2026 | The Newsletters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpmlsubscriber_id’ parameter in all versions up to, and including, 4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL… | ||
| CVE-2026-11853 | Med | 0.42 | 6.5 | 0.00 | Jun 10, 2026 | Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages (.dsc) and upload artifacts (.changes) are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine… | ||
| CVE-2026-11852 | Med | 0.42 | 6.5 | 0.00 | Jun 10, 2026 | Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see… | ||
| CVE-2025-6254 | Cri | 0.64 | 9.8 | 0.00 | Jun 10, 2026 | The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.8. This is due to the doctreat_process_registration() function not properly restricting the roles that a user can register with. This makes it possible for… | ||
| CVE-2026-9019 | Med | 0.42 | 6.4 | 0.00 | Jun 10, 2026 | The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'grid[properties][borderColor]' and 'grid[images][N][attachment_url]' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping.… | ||
| CVE-2026-8853 | Med | 0.29 | 4.4 | 0.00 | Jun 10, 2026 | The MW WP Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'memo' parameter in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level… | ||
| CVE-2026-8613 | Med | 0.42 | 6.4 | 0.00 | Jun 10, 2026 | The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'title_tag' Widget Setting in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated… | ||
| CVE-2026-10721 | Hig | 0.55 | — | 0.00 | Jun 10, 2026 | Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the… | ||
| CVE-2026-9067 | Cri | 0.59 | 9.1 | 0.00 | Jun 10, 2026 | The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers and does not validate the actual content of uploaded files against the endpoint's intended media type, allowing unauthenticated users… | ||
| CVE-2026-9060 | Low | 0.23 | 3.5 | 0.00 | Jun 10, 2026 | The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site… | ||
| CVE-2026-8071 | Hig | 0.50 | 8.8 | 0.00 | Jun 10, 2026 | The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute… | ||
| CVE-2026-3326 | Hig | 0.56 | 8.6 | 0.01 | Jun 10, 2026 | The Xstore WordPress theme before 9.7.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection | ||
| CVE-2026-29116 | Hig | 0.57 | — | 0.00 | Jun 10, 2026 | A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service. | ||
| CVE-2026-29115 | Med | 0.45 | — | 0.00 | Jun 10, 2026 | A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service. | ||
| CVE-2026-29114 | Low | 0.15 | — | 0.00 | Jun 10, 2026 | A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust… | ||
| CVE-2026-11815 | Med | 0.34 | — | 0.00 | Jun 10, 2026 | An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution. | ||
| CVE-2026-10846 | Hig | 0.53 | — | 0.00 | Jun 10, 2026 | NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is… | ||
| CVE-2026-26241 | Cri | 0.59 | 9.1 | 0.00 | Jun 10, 2026 | A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later | ||
| CVE-2026-26240 | Cri | 0.59 | 9.1 | 0.00 | Jun 10, 2026 | A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later | ||
| CVE-2026-11837 | Hig | 0.47 | 7.3 | 0.00 | Jun 10, 2026 | A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage… | ||
| CVE-2025-8444 | Med | 0.42 | 6.4 | 0.00 | Jun 10, 2026 | The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the multiple parameters in all versions up to, and including, 2.6.7 due to insufficient input sanitization and… | ||
| CVE-2026-26239 | Hig | 0.53 | 8.1 | 0.00 | Jun 10, 2026 | A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5… | ||
| CVE-2026-26237 | Hig | 0.49 | 7.5 | 0.00 | Jun 10, 2026 | A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and… | ||
| CVE-2026-24724 | Hig | 0.53 | 8.1 | 0.00 | Jun 10, 2026 | An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions. We have already fixed the vulnerability in the following version: File… | ||
| CVE-2026-24720 | Med | 0.42 | 6.5 | 0.00 | Jun 10, 2026 | An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type… | ||
| CVE-2026-24719 | Hig | 0.47 | 7.2 | 0.01 | Jun 10, 2026 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the… | ||
| CVE-2026-24717 | Med | 0.42 | 6.5 | 0.00 | Jun 10, 2026 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the… | ||
| CVE-2026-24716 | Hig | 0.47 | 7.2 | 0.00 | Jun 10, 2026 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | ||
| CVE-2026-22899 | Med | 0.42 | 6.5 | 0.00 | Jun 10, 2026 | A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version:… | ||
| CVE-2026-22893 | Hig | 0.47 | 7.2 | 0.01 | Jun 10, 2026 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the… | ||
| CVE-2025-66281 | Hig | 0.47 | 7.2 | 0.00 | Jun 10, 2026 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions:… | ||
| CVE-2025-66280 | Hig | 0.47 | 7.2 | 0.00 | Jun 10, 2026 | An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the… | ||
| CVE-2025-66279 | Hig | 0.47 | 7.2 | 0.01 | Jun 10, 2026 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the… | ||
| CVE-2025-66273 | Hig | 0.47 | 7.2 | 0.01 | Jun 10, 2026 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the… | ||
| CVE-2025-62851 | Med | 0.29 | 4.4 | 0.00 | Jun 10, 2026 | A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the… | ||
| CVE-2025-62850 | Hig | 0.47 | 7.2 | 0.00 | Jun 10, 2026 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | ||
| CVE-2025-66276 | Cri | 0.64 | 9.8 | 0.00 | Jun 10, 2026 | QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later | ||
| CVE-2025-59382 | — | Low | 0.08 | — | 0.00 | Jun 10, 2026 | QTS, QuTS hero, QuTScloud are not affected. We have already fixed the vulnerability in the following version: | |
| CVE-2025-58468 | Med | 0.33 | — | 0.00 | Jun 10, 2026 | A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version:… | ||
| CVE-2026-46532 | Med | 0.23 | 4.6 | 0.00 | Jun 10, 2026 | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser (avrc_pars_vendor_cmd() in components/bt/host/bluedroid/stack/avrc/avrc_pars_tg.c).… | ||
| CVE-2026-45542 | Hig | 0.39 | 7.1 | 0.00 | Jun 10, 2026 | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 (SRP6a) session-setup path of the protocomm component. The first-phase handler… | ||
| CVE-2026-45541 | Hig | 0.42 | 7.5 | 0.00 | Jun 10, 2026 | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esp_http_server component. While parsing the client-supplied… | ||
| CVE-2026-45329 | Hig | 0.39 | 7.1 | 0.00 | Jun 10, 2026 | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c validated only some of the caller-supplied pointer arguments, leaving input pointer… | ||
| CVE-2026-45328 | Cri | 0.53 | 9.3 | 0.00 | Jun 10, 2026 | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, the esp_tee component exposes secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c that bridge calls from the user application (i.e. the REE) to… |
- risk 0.55cvss 8.5epss 0.00
Apicurio/apicurio-registry: apicurio-registry: Unhardened SAXParser in content-type detection leads to blind XXE / SSRF / billion-laughs DoS
- risk 0.48cvss 7.4epss 0.00
Apicurio/apicurio-registry: apicurio-registry: SSRF via wsdl4j import dereference in WSDL FULL validation
- risk 0.42cvss 6.5epss 0.00
Apicurio/apicurio-registry: apicurio-registry: XML entity-expansion denial of service via internal DTD subset
- risk 0.55cvss 8.4epss 0.00
Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's…
- risk 0.55cvss 8.4epss 0.00
Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by checking only the subject.OU…
- risk 0.13cvss —epss 0.00
An HTML injection vulnerability in the "fetch links" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in emails clients that render HTML emails. This issue affects Canarytokens: from Docker tag sha-c0f3cf142…
- risk 0.42cvss 7.5epss 0.01
The Newsletters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpmlsubscriber_id’ parameter in all versions up to, and including, 4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL…
- risk 0.42cvss 6.5epss 0.00
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages (.dsc) and upload artifacts (.changes) are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine…
- risk 0.42cvss 6.5epss 0.00
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see…
- risk 0.64cvss 9.8epss 0.00
The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.8. This is due to the doctreat_process_registration() function not properly restricting the roles that a user can register with. This makes it possible for…
- risk 0.42cvss 6.4epss 0.00
The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'grid[properties][borderColor]' and 'grid[images][N][attachment_url]' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping.…
- risk 0.29cvss 4.4epss 0.00
The MW WP Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'memo' parameter in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level…
- risk 0.42cvss 6.4epss 0.00
The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'title_tag' Widget Setting in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…
- risk 0.55cvss —epss 0.00
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the…
- risk 0.59cvss 9.1epss 0.00
The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers and does not validate the actual content of uploaded files against the endpoint's intended media type, allowing unauthenticated users…
- risk 0.23cvss 3.5epss 0.00
The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site…
- risk 0.50cvss 8.8epss 0.00
The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute…
- risk 0.56cvss 8.6epss 0.01
The Xstore WordPress theme before 9.7.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
- risk 0.57cvss —epss 0.00
A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service.
- risk 0.45cvss —epss 0.00
A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service.
- risk 0.15cvss —epss 0.00
A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust…
- risk 0.34cvss —epss 0.00
An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution.
- risk 0.53cvss —epss 0.00
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is…
- risk 0.59cvss 9.1epss 0.00
A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later
- risk 0.59cvss 9.1epss 0.00
A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later
- risk 0.47cvss 7.3epss 0.00
A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage…
- risk 0.42cvss 6.4epss 0.00
The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the multiple parameters in all versions up to, and including, 2.6.7 due to insufficient input sanitization and…
- risk 0.53cvss 8.1epss 0.00
A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5…
- risk 0.49cvss 7.5epss 0.00
A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and…
- risk 0.53cvss 8.1epss 0.00
An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions. We have already fixed the vulnerability in the following version: File…
- risk 0.42cvss 6.5epss 0.00
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type…
- risk 0.47cvss 7.2epss 0.01
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the…
- risk 0.42cvss 6.5epss 0.00
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the…
- risk 0.47cvss 7.2epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- risk 0.42cvss 6.5epss 0.00
A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version:…
- risk 0.47cvss 7.2epss 0.01
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the…
- risk 0.47cvss 7.2epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions:…
- risk 0.47cvss 7.2epss 0.00
An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the…
- risk 0.47cvss 7.2epss 0.01
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the…
- risk 0.47cvss 7.2epss 0.01
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the…
- risk 0.29cvss 4.4epss 0.00
A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the…
- risk 0.47cvss 7.2epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- risk 0.64cvss 9.8epss 0.00
QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later
- risk 0.08cvss —epss 0.00
QTS, QuTS hero, QuTScloud are not affected. We have already fixed the vulnerability in the following version:
- risk 0.33cvss —epss 0.00
A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version:…
- risk 0.23cvss 4.6epss 0.00
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser (avrc_pars_vendor_cmd() in components/bt/host/bluedroid/stack/avrc/avrc_pars_tg.c).…
- risk 0.39cvss 7.1epss 0.00
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 (SRP6a) session-setup path of the protocomm component. The first-phase handler…
- risk 0.42cvss 7.5epss 0.00
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esp_http_server component. While parsing the client-supplied…
- risk 0.39cvss 7.1epss 0.00
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c validated only some of the caller-supplied pointer arguments, leaving input pointer…
- risk 0.53cvss 9.3epss 0.00
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, the esp_tee component exposes secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c that bridge calls from the user application (i.e. the REE) to…