Drive Client
by Synology
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-49041 | 0.00 | — | 0.00 | Sep 26, 2024 | Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors. | |||
| CVE-2022-49040 | 0.00 | — | 0.00 | Sep 26, 2024 | Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors. | |||
| CVE-2022-49039 | 0.00 | — | 0.00 | Sep 26, 2024 | Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors. | |||
| CVE-2022-49038 | 0.00 | — | 0.00 | Sep 26, 2024 | Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors. | |||
| CVE-2022-49037 | 0.00 | — | 0.01 | Sep 26, 2024 | Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||
| CVE-2023-52946 | 0.00 | — | 0.01 | Sep 26, 2024 | Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors. |
- CVE-2022-49041Sep 26, 2024risk 0.00cvss —epss 0.00
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.
- CVE-2022-49040Sep 26, 2024risk 0.00cvss —epss 0.00
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.
- CVE-2022-49039Sep 26, 2024risk 0.00cvss —epss 0.00
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors.
- CVE-2022-49038Sep 26, 2024risk 0.00cvss —epss 0.00
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.
- CVE-2022-49037Sep 26, 2024risk 0.00cvss —epss 0.01
Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information via unspecified vectors.
- CVE-2023-52946Sep 26, 2024risk 0.00cvss —epss 0.01
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.