Qts
by Qnap
CVEs (273)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21897 | 0.00 | — | 0.00 | Sep 6, 2024 | A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-51368 | 0.00 | — | 0.00 | Sep 6, 2024 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-51367 | 0.00 | — | 0.00 | Sep 6, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS… | |||
| CVE-2023-51366 | 0.00 | — | 0.00 | Sep 6, 2024 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-50366 | 0.00 | — | 0.00 | Sep 6, 2024 | A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2024-27129 | 0.00 | — | 0.01 | May 21, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2024-27128 | 0.00 | — | 0.01 | May 21, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2024-27127 | 0.00 | — | 0.01 | May 21, 2024 | A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute arbitrary code via a network. We have already fixed the vulnerability in the following version: QTS… | |||
| CVE-2024-21902 | 0.00 | — | 0.00 | May 21, 2024 | An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the… | |||
| CVE-2023-50361 | 0.00 | — | 0.01 | Apr 26, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-50362 | 0.00 | — | 0.01 | Apr 26, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-50363 | 0.00 | — | 0.00 | Apr 26, 2024 | An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-50364 | 0.00 | — | 0.01 | Apr 26, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2024-21905 | 0.00 | — | 0.00 | Apr 26, 2024 | An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2024-27124 | 0.00 | — | 0.01 | Apr 26, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build… | |||
| CVE-2024-32766 | 0.00 | — | 0.02 | Apr 26, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build… | |||
| CVE-2024-21901 | 0.00 | — | 0.19 | Mar 8, 2024 | A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 (… | |||
| CVE-2023-34980 | 0.00 | — | 0.01 | Mar 8, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-50358 | 0.00 | — | 0.13 | Feb 13, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build… | |||
| CVE-2023-50359 | 0.00 | — | 0.00 | Feb 2, 2024 | An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via… |
- CVE-2024-21897Sep 6, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following…
- CVE-2023-51368Sep 6, 2024risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following…
- CVE-2023-51367Sep 6, 2024risk 0.00cvss —epss 0.00
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS…
- CVE-2023-51366Sep 6, 2024risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the…
- CVE-2023-50366Sep 6, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the…
- CVE-2024-27129May 21, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following…
- CVE-2024-27128May 21, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following…
- CVE-2024-27127May 21, 2024risk 0.00cvss —epss 0.01
A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute arbitrary code via a network. We have already fixed the vulnerability in the following version: QTS…
- CVE-2024-21902May 21, 2024risk 0.00cvss —epss 0.00
An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the…
- CVE-2023-50361Apr 26, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following…
- CVE-2023-50362Apr 26, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following…
- CVE-2023-50363Apr 26, 2024risk 0.00cvss —epss 0.00
An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. We have already fixed the vulnerability in the…
- CVE-2023-50364Apr 26, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following…
- CVE-2024-21905Apr 26, 2024risk 0.00cvss —epss 0.00
An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following…
- CVE-2024-27124Apr 26, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build…
- CVE-2024-32766Apr 26, 2024risk 0.00cvss —epss 0.02
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build…
- CVE-2024-21901Mar 8, 2024risk 0.00cvss —epss 0.19
A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 (…
- CVE-2023-34980Mar 8, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-50358Feb 13, 2024risk 0.00cvss —epss 0.13
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build…
- CVE-2023-50359Feb 2, 2024risk 0.00cvss —epss 0.00
An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via…
Page 9 of 14