Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager 6.2 vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2019-3870
A vulnerability was found in Samba from version (including) 4.9 to versions prior to 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only a...
Samba Samba
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Synology Diskstation Manager 5.2
Synology Diskstation Manager 6.1
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Synology Skynas Firmware -
Synology Vs960hd Firmware
4
CVSSv2
CVE-2018-13281
Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager (DSM) prior to 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the file_path parameter.
Synology Diskstation Manager 6.0
Synology Vs960hd -
Synology Skynas -
Synology Diskstation Manager
Synology Diskstation Manager 5.2
4
CVSSv2
CVE-2018-8916
Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows remote authenticated users to reset password without verification.
Synology Diskstation Manager
6.5
CVSSv2
CVE-2017-12075
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.
Synology Diskstation Manager
4
CVSSv2
CVE-2018-13286
Incorrect default permissions vulnerability in synouser.conf in Synology Diskstation Manager (DSM) prior to 6.2-23739-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Synology Diskstation Manager
4.3
CVSSv2
CVE-2018-13280
Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows man-in-the-middle malicious users to compromise non-HTTPS sessions via unspecified vectors.
Synology Diskstation Manager
9
CVSSv2
CVE-2018-13284
Command injection vulnerability in ftpd in Synology Diskstation Manager (DSM) prior to 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
Synology Diskstation Manager
4
CVSSv2
CVE-2019-19344
There is a use-after-free issue in all samba 4.9.x versions prior to 4.9.18, all samba 4.10.x versions prior to 4.10.12 and all samba 4.11.x versions prior to 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Opensuse Leap 15.1
2.6
CVSSv2
CVE-2019-14907
All samba versions 4.9.x prior to 4.9.18, 4.10.x prior to 4.10.12 and 4.11.x prior to 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be p...
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Debian Debian Linux 9.0
7.8
CVSSv2
CVE-2019-9518
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. ...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
Redhat Jboss Enterprise Application Platform 7.3.0
Oracle Graalvm 19.2.0
2 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »