VYPR

Vendor CVEs

Qnap

All CVEs

486 total · sorted by risk
  • CVE-2024-29229Mar 28, 2024
    risk 0.00cvss epss 0.01

    Missing authorization vulnerability in GetLiveViewPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.

  • CVE-2024-29228Mar 28, 2024
    risk 0.00cvss epss 0.01

    Missing authorization vulnerability in GetStmUrlPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.

  • CVE-2024-29227Mar 28, 2024
    risk 0.00cvss epss 0.01

    Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Layout.LayoutSave webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to read database containing non-sensitive…

  • CVE-2024-21901Mar 8, 2024
    risk 0.00cvss epss 0.19

    A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 (…

  • CVE-2023-32969Mar 8, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions:…

  • CVE-2023-34980Mar 8, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-47221Mar 8, 2024
    risk 0.00cvss epss 0.00

    A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the…

  • CVE-2023-50358Feb 13, 2024
    risk 0.00cvss epss 0.13

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build…

  • CVE-2023-50359Feb 2, 2024
    risk 0.00cvss epss 0.00

    An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via…

  • CVE-2023-47568Feb 2, 2024
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS…

  • CVE-2023-47567Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-47566Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-47562Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15…

  • CVE-2023-47561Feb 2, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 (…

  • CVE-2023-45037Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-45036Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-45035Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-45028Feb 2, 2024
    risk 0.00cvss epss 0.00

    An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the…

  • CVE-2023-45027Feb 2, 2024
    risk 0.00cvss epss 0.00

    A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed…

  • CVE-2023-45026Feb 2, 2024
    risk 0.00cvss epss 0.00

    A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed…

  • CVE-2023-45025Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build…

  • CVE-2023-41292Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-41283Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-41282Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-41281Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-41280Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-41279Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-41278Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-41277Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-41276Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-41275Feb 2, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-41274Feb 2, 2024
    risk 0.00cvss epss 0.00

    A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the…

  • CVE-2023-41273Feb 2, 2024
    risk 0.00cvss epss 0.01

    A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-39303Feb 2, 2024
    risk 0.00cvss epss 0.00

    An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-39297Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS…

  • CVE-2023-39302Feb 2, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-32967Feb 2, 2024
    risk 0.00cvss epss 0.00

    An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have…

  • CVE-2023-39294Jan 5, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…

  • CVE-2023-39296Jan 5, 2024
    risk 0.00cvss epss 0.02

    A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have…

  • CVE-2023-41287Jan 5, 2024
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later

  • CVE-2023-41288Jan 5, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later

  • CVE-2023-41289Jan 5, 2024
    risk 0.00cvss epss 0.01

    An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QcalAgent 1.1.8 and later

  • CVE-2023-45044Jan 5, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-45043Jan 5, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-45042Jan 5, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-45041Jan 5, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-45040Jan 5, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-45039Jan 5, 2024
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-32968Dec 8, 2023
    risk 0.00cvss epss 0.01

    A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…

  • CVE-2023-23372Dec 8, 2023
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS…

Page 7 of 10