VYPR

Qts

by Qnap

CVEs (273)

  • CVE-2024-53693Mar 7, 2025
    risk 0.00cvss epss 0.00

    An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify application data. We have already…

  • CVE-2024-53692Mar 7, 2025
    risk 0.00cvss epss 0.01

    A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the…

  • CVE-2024-50405Mar 7, 2025
    risk 0.00cvss epss 0.00

    An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify application data. We…

  • CVE-2024-38638Mar 7, 2025
    risk 0.00cvss epss 0.00

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5.2.x are not affected. …

  • CVE-2022-27600Dec 19, 2024
    risk 0.00cvss epss 0.01

    An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the…

  • CVE-2024-50403Dec 6, 2024
    risk 0.00cvss epss 0.00

    A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have…

  • CVE-2024-50402Dec 6, 2024
    risk 0.00cvss epss 0.01

    A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have…

  • CVE-2024-50393Dec 6, 2024
    risk 0.00cvss epss 0.01

    A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954…

  • CVE-2024-48868Dec 6, 2024
    risk 0.00cvss epss 0.00

    An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data. We have already fixed the vulnerability in…

  • CVE-2024-48867Dec 6, 2024
    risk 0.00cvss epss 0.00

    An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data. We have already fixed the vulnerability in…

  • CVE-2024-48866Dec 6, 2024
    risk 0.00cvss epss 0.00

    An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to run the system into unexpected state. We have already fixed the vulnerability in…

  • CVE-2024-48865Dec 6, 2024
    risk 0.00cvss epss 0.00

    An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow attackers with local network access to compromise the security of the system. We have already fixed the vulnerability…

  • CVE-2024-48859Dec 6, 2024
    risk 0.00cvss epss 0.01

    An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following versions:…

  • CVE-2024-37041Nov 22, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the…

  • CVE-2024-37042Nov 22, 2024
    risk 0.00cvss epss 0.01

    A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the…

  • CVE-2024-37043Nov 22, 2024
    risk 0.00cvss epss 0.01

    A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read the contents of unexpected files and expose sensitive data. We have…

  • CVE-2024-37044Nov 22, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the…

  • CVE-2024-37045Nov 22, 2024
    risk 0.00cvss epss 0.01

    A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the…

  • CVE-2024-37046Nov 22, 2024
    risk 0.00cvss epss 0.01

    A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read the contents of unexpected files and expose sensitive data. We have…

  • CVE-2024-37047Nov 22, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the…

Page 7 of 14