Vendor CVEs
Qnap
All CVEs
486 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-29229 | 0.00 | — | 0.01 | Mar 28, 2024 | Missing authorization vulnerability in GetLiveViewPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||
| CVE-2024-29228 | 0.00 | — | 0.01 | Mar 28, 2024 | Missing authorization vulnerability in GetStmUrlPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||
| CVE-2024-29227 | 0.00 | — | 0.01 | Mar 28, 2024 | Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Layout.LayoutSave webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to read database containing non-sensitive… | |||
| CVE-2024-21901 | 0.00 | — | 0.19 | Mar 8, 2024 | A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 (… | |||
| CVE-2023-32969 | 0.00 | — | 0.00 | Mar 8, 2024 | A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions:… | |||
| CVE-2023-34980 | 0.00 | — | 0.01 | Mar 8, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-47221 | 0.00 | — | 0.00 | Mar 8, 2024 | A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-50358 | 0.00 | — | 0.13 | Feb 13, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build… | |||
| CVE-2023-50359 | 0.00 | — | 0.00 | Feb 2, 2024 | An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via… | |||
| CVE-2023-47568 | 0.00 | — | 0.01 | Feb 2, 2024 | A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS… | |||
| CVE-2023-47567 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-47566 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-47562 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15… | |||
| CVE-2023-47561 | 0.00 | — | 0.00 | Feb 2, 2024 | A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 (… | |||
| CVE-2023-45037 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-45036 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-45035 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-45028 | 0.00 | — | 0.00 | Feb 2, 2024 | An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the… | |||
| CVE-2023-45027 | 0.00 | — | 0.00 | Feb 2, 2024 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed… | |||
| CVE-2023-45026 | 0.00 | — | 0.00 | Feb 2, 2024 | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed… | |||
| CVE-2023-45025 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build… | |||
| CVE-2023-41292 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-41283 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-41282 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-41281 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-41280 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-41279 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-41278 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-41277 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-41276 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-41275 | 0.00 | — | 0.01 | Feb 2, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-41274 | 0.00 | — | 0.00 | Feb 2, 2024 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the… | |||
| CVE-2023-41273 | 0.00 | — | 0.01 | Feb 2, 2024 | A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-39303 | 0.00 | — | 0.00 | Feb 2, 2024 | An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-39297 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS… | |||
| CVE-2023-39302 | 0.00 | — | 0.01 | Feb 2, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-32967 | 0.00 | — | 0.00 | Feb 2, 2024 | An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have… | |||
| CVE-2023-39294 | 0.00 | — | 0.01 | Jan 5, 2024 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following… | |||
| CVE-2023-39296 | 0.00 | — | 0.02 | Jan 5, 2024 | A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have… | |||
| CVE-2023-41287 | 0.00 | — | 0.01 | Jan 5, 2024 | A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later | |||
| CVE-2023-41288 | 0.00 | — | 0.01 | Jan 5, 2024 | An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later | |||
| CVE-2023-41289 | 0.00 | — | 0.01 | Jan 5, 2024 | An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QcalAgent 1.1.8 and later | |||
| CVE-2023-45044 | 0.00 | — | 0.01 | Jan 5, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-45043 | 0.00 | — | 0.01 | Jan 5, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-45042 | 0.00 | — | 0.01 | Jan 5, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-45041 | 0.00 | — | 0.01 | Jan 5, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-45040 | 0.00 | — | 0.01 | Jan 5, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-45039 | 0.00 | — | 0.01 | Jan 5, 2024 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-32968 | 0.00 | — | 0.01 | Dec 8, 2023 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the… | |||
| CVE-2023-23372 | 0.00 | — | 0.00 | Dec 8, 2023 | A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS… |
- CVE-2024-29229Mar 28, 2024risk 0.00cvss —epss 0.01
Missing authorization vulnerability in GetLiveViewPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.
- CVE-2024-29228Mar 28, 2024risk 0.00cvss —epss 0.01
Missing authorization vulnerability in GetStmUrlPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.
- CVE-2024-29227Mar 28, 2024risk 0.00cvss —epss 0.01
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Layout.LayoutSave webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to read database containing non-sensitive…
- CVE-2024-21901Mar 8, 2024risk 0.00cvss —epss 0.19
A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 (…
- CVE-2023-32969Mar 8, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions:…
- CVE-2023-34980Mar 8, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-47221Mar 8, 2024risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the…
- CVE-2023-50358Feb 13, 2024risk 0.00cvss —epss 0.13
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build…
- CVE-2023-50359Feb 2, 2024risk 0.00cvss —epss 0.00
An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via…
- CVE-2023-47568Feb 2, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS…
- CVE-2023-47567Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-47566Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-47562Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15…
- CVE-2023-47561Feb 2, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 (…
- CVE-2023-45037Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-45036Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-45035Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-45028Feb 2, 2024risk 0.00cvss —epss 0.00
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the…
- CVE-2023-45027Feb 2, 2024risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed…
- CVE-2023-45026Feb 2, 2024risk 0.00cvss —epss 0.00
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed…
- CVE-2023-45025Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build…
- CVE-2023-41292Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-41283Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-41282Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-41281Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-41280Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-41279Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-41278Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-41277Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-41276Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-41275Feb 2, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-41274Feb 2, 2024risk 0.00cvss —epss 0.00
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the…
- CVE-2023-41273Feb 2, 2024risk 0.00cvss —epss 0.01
A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following…
- CVE-2023-39303Feb 2, 2024risk 0.00cvss —epss 0.00
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following…
- CVE-2023-39297Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS…
- CVE-2023-39302Feb 2, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-32967Feb 2, 2024risk 0.00cvss —epss 0.00
An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have…
- CVE-2023-39294Jan 5, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following…
- CVE-2023-39296Jan 5, 2024risk 0.00cvss —epss 0.02
A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have…
- CVE-2023-41287Jan 5, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later
- CVE-2023-41288Jan 5, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later
- CVE-2023-41289Jan 5, 2024risk 0.00cvss —epss 0.01
An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QcalAgent 1.1.8 and later
- CVE-2023-45044Jan 5, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-45043Jan 5, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-45042Jan 5, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-45041Jan 5, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-45040Jan 5, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-45039Jan 5, 2024risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-32968Dec 8, 2023risk 0.00cvss —epss 0.01
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the…
- CVE-2023-23372Dec 8, 2023risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS…
Page 7 of 10