Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

synology virtual diskstation manager - vulnerabilities and exploits

(subscribe to this query)
3.5
CVSSv2
CVE-2018-7170
ntpd in ntp 4.2.x prior to 4.2.8p7 and 4.3.x prior to 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issu...
Ntp NtpNtp Ntp 4.2.8Synology Diskstation ManagerSynology Router ManagerSynology SkynasSynology Virtual Diskstation ManagerSynology Vs960hd FirmwareNetapp Hci -Netapp Solidfire -Hpe Hpux-ntp
5
CVSSv2
CVE-2018-7184
ntpd in ntp 4.2.8p4 prior to 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote malicious users to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting ...
Ntp Ntp 4.2.8Synology Skynas -Synology Router Manager 1.1Synology Diskstation Manager 6.1Synology Diskstation Manager 6.0Synology Virtual Diskstation Manager -Synology Diskstation Manager 5.2Synology Vs960hd Firmware -Slackware Slackware Linux 14.0Slackware Slackware Linux 14.1Slackware Slackware Linux 14.2Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 17.10Canonical Ubuntu Linux 18.04Netapp Steelstore Cloud Integrated Storage -Netapp Cloud Backup -
5
CVSSv2
CVE-2018-7185
The protocol engine in ntp 4.2.6 prior to 4.2.8p11 allows a remote malicious users to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the ...
Ntp NtpNtp Ntp 4.2.8Synology Diskstation ManagerSynology Router ManagerSynology SkynasSynology Virtual Diskstation ManagerSynology Vs960hd FirmwareCanonical Ubuntu Linux 18.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 17.10Netapp Hci -Netapp Solidfire -Hpe Hpux-ntpOracle Fujitsu M10-1 FirmwareOracle Fujitsu M10-4 FirmwareOracle Fujitsu M10-4s FirmwareOracle Fujitsu M12-1 FirmwareOracle Fujitsu M12-2 FirmwareOracle Fujitsu M12-2s Firmware
7.2
CVSSv2
CVE-2021-3156
Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project Sudo 1.9.5Sudo Project SudoFedoraproject Fedora 32Fedoraproject Fedora 33Debian Debian Linux 9.0Debian Debian Linux 10.0Netapp Solidfire -Netapp Hci Management Node -Netapp Oncommand Unified Manager Core Package -Mcafee Web Gateway 8.2.17Mcafee Web Gateway 9.2.8Mcafee Web Gateway 10.0.4Synology Diskstation Manager 6.2Synology Diskstation Manager Unified Controller 3.0Synology Skynas Firmware -Synology Vs960hd Firmware -Beyondtrust Privilege Management For MacBeyondtrust Privilege Management For Unix\\/linuxOracle Micros Compact Workstation 3 Firmware 310Oracle Micros Es400 FirmwareOracle Micros Kitchen Display System Firmware 210Oracle Micros Workstation 5a Firmware 5a
4.7
CVSSv2
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308Intel Atom C C2316Intel Atom C C2338Intel Atom C C2350Intel Atom C C2358Intel Atom C C2508Intel Atom C C2516Intel Atom C C2518Intel Atom C C2530Intel Atom C C2538Intel Atom C C2550Intel Atom C C2558Intel Atom C C2718Intel Atom C C2730Intel Atom C C2738Intel Atom C C2750Intel Atom C C2758Intel Atom C C3308Intel Atom C C3338Intel Atom C C3508Intel Atom C C3538Intel Atom C C3558
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook