Vendor CVEs
Qnap
All CVEs
486 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-52431 | 0.00 | — | 0.00 | Jan 2, 2026 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52430 | 0.00 | — | 0.00 | Jan 2, 2026 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52426 | 0.00 | — | 0.00 | Jan 2, 2026 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-47208 | 0.00 | — | 0.00 | Jan 2, 2026 | An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from… | |||
| CVE-2025-44013 | 0.00 | — | 0.00 | Jan 2, 2026 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in… | |||
| CVE-2025-62847 | 0.00 | — | 0.01 | Dec 16, 2025 | An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the… | |||
| CVE-2025-62848 | 0.00 | — | 0.01 | Dec 16, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions:… | |||
| CVE-2025-62849 | 0.00 | — | 0.01 | Dec 16, 2025 | An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297… | |||
| CVE-2025-57712 | 0.00 | — | 0.00 | Nov 7, 2025 | A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following… | |||
| CVE-2025-58469 | 0.00 | — | 0.00 | Nov 7, 2025 | A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center… | |||
| CVE-2025-54153 | 0.00 | — | 0.00 | Oct 3, 2025 | An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central… | |||
| CVE-2025-53407 | 0.00 | — | 0.00 | Oct 3, 2025 | A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already… | |||
| CVE-2025-53406 | 0.00 | — | 0.00 | Oct 3, 2025 | A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already… | |||
| CVE-2025-52866 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52862 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52860 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52859 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52858 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52857 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52855 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52854 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52853 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52433 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52432 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52429 | 0.00 | — | 0.00 | Oct 3, 2025 | A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already… | |||
| CVE-2025-52428 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52427 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-52424 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-48730 | 0.00 | — | 0.00 | Oct 3, 2025 | A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already… | |||
| CVE-2025-48729 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-48728 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-48727 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-48726 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-47214 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-47213 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the… | |||
| CVE-2025-47212 | 0.00 | — | 0.01 | Oct 3, 2025 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the… | |||
| CVE-2025-47211 | 0.00 | — | 0.01 | Oct 3, 2025 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the… | |||
| CVE-2025-44014 | 0.00 | — | 0.00 | Oct 3, 2025 | An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central… | |||
| CVE-2025-44010 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version:… | |||
| CVE-2025-44008 | 0.00 | — | 0.00 | Oct 3, 2025 | A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version:… | |||
| CVE-2025-44007 | 0.00 | — | 0.00 | Oct 3, 2025 | An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type… | |||
| CVE-2025-44006 | 0.00 | — | 0.00 | Oct 3, 2025 | An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type… | |||
| CVE-2025-33037 | 0.00 | — | 0.00 | Aug 29, 2025 | A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following… | |||
| CVE-2025-33036 | 0.00 | — | 0.00 | Aug 29, 2025 | A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following… | |||
| CVE-2025-33033 | 0.00 | — | 0.00 | Aug 29, 2025 | A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following… | |||
| CVE-2025-33032 | 0.00 | — | 0.00 | Aug 29, 2025 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the… | |||
| CVE-2025-30274 | 0.00 | — | 0.00 | Aug 29, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145… | |||
| CVE-2025-30273 | 0.00 | — | 0.00 | Aug 29, 2025 | An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following… | |||
| CVE-2025-30272 | 0.00 | — | 0.00 | Aug 29, 2025 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145… | |||
| CVE-2025-30271 | 0.00 | — | 0.00 | Aug 29, 2025 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability… |
- CVE-2025-52431Jan 2, 2026risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52430Jan 2, 2026risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52426Jan 2, 2026risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-47208Jan 2, 2026risk 0.00cvss —epss 0.00
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from…
- CVE-2025-44013Jan 2, 2026risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in…
- CVE-2025-62847Dec 16, 2025risk 0.00cvss —epss 0.01
An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the…
- CVE-2025-62848Dec 16, 2025risk 0.00cvss —epss 0.01
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions:…
- CVE-2025-62849Dec 16, 2025risk 0.00cvss —epss 0.01
An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297…
- CVE-2025-57712Nov 7, 2025risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following…
- CVE-2025-58469Nov 7, 2025risk 0.00cvss —epss 0.00
A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center…
- CVE-2025-54153Oct 3, 2025risk 0.00cvss —epss 0.00
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central…
- CVE-2025-53407Oct 3, 2025risk 0.00cvss —epss 0.00
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already…
- CVE-2025-53406Oct 3, 2025risk 0.00cvss —epss 0.00
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already…
- CVE-2025-52866Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52862Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52860Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52859Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52858Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52857Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52855Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52854Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52853Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52433Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52432Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52429Oct 3, 2025risk 0.00cvss —epss 0.00
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already…
- CVE-2025-52428Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52427Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-52424Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-48730Oct 3, 2025risk 0.00cvss —epss 0.00
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already…
- CVE-2025-48729Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-48728Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-48727Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-48726Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-47214Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-47213Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…
- CVE-2025-47212Oct 3, 2025risk 0.00cvss —epss 0.01
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the…
- CVE-2025-47211Oct 3, 2025risk 0.00cvss —epss 0.01
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the…
- CVE-2025-44014Oct 3, 2025risk 0.00cvss —epss 0.00
An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central…
- CVE-2025-44010Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version:…
- CVE-2025-44008Oct 3, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version:…
- CVE-2025-44007Oct 3, 2025risk 0.00cvss —epss 0.00
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type…
- CVE-2025-44006Oct 3, 2025risk 0.00cvss —epss 0.00
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type…
- CVE-2025-33037Aug 29, 2025risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following…
- CVE-2025-33036Aug 29, 2025risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following…
- CVE-2025-33033Aug 29, 2025risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following…
- CVE-2025-33032Aug 29, 2025risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the…
- CVE-2025-30274Aug 29, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145…
- CVE-2025-30273Aug 29, 2025risk 0.00cvss —epss 0.00
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following…
- CVE-2025-30272Aug 29, 2025risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145…
- CVE-2025-30271Aug 29, 2025risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability…
Page 4 of 10