Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2017-11154
Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station prior to 6.7.3-3432 and 6.3-2967 allows remote malicious users to create arbitrary PHP scripts via the type parameter.
Synology Photo Station
Synology Photo Station 6.3-2967
1 EDB exploit
5
CVSSv2
CVE-2017-11155
An information exposure vulnerability in index.php in Synology Photo Station prior to 6.7.3-3432 and 6.3-2967 allows remote malicious users to obtain sensitive system information via unspecified vectors.
Synology Photo Station 6.3-2967
Synology Photo Station
1 EDB exploit
7.5
CVSSv2
CVE-2022-22687
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
5
CVSSv2
CVE-2018-7184
ntpd in ntp 4.2.8p4 prior to 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote malicious users to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting ...
Ntp Ntp 4.2.8
Synology Skynas -
Synology Router Manager 1.1
Synology Diskstation Manager 6.1
Synology Diskstation Manager 6.0
Synology Virtual Diskstation Manager -
Synology Diskstation Manager 5.2
Synology Vs960hd Firmware -
Slackware Slackware Linux 14.0
Slackware Slackware Linux 14.1
Slackware Slackware Linux 14.2
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Netapp Steelstore Cloud Integrated Storage -
Netapp Cloud Backup -
4
CVSSv2
CVE-2019-19344
There is a use-after-free issue in all samba 4.9.x versions prior to 4.9.18, all samba 4.10.x versions prior to 4.10.12 and all samba 4.11.x versions prior to 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Opensuse Leap 15.1
NA
CVE-2022-3576
A vulnerability regarding out-of-bounds read is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote malicious users to obtain sensitive information via unspecified vectors. The following models with Synology DiskStation Manager (DSM) ...
Synology Diskstation Manager
4
CVSSv2
CVE-2017-15886
Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat prior to 2.0.0-1124 allows remote authenticated users to download arbitrary local files via a crafted URI.
Synology Chat
3.5
CVSSv2
CVE-2017-15892
Multiple cross-site scripting (XSS) vulnerabilities in Slash Command Creator in Synology Chat prior to 2.0.0-1124 allow remote authenticated users to inject arbitrary web script or HTML via (1) COMMAND, (2) COMMANDS INSTRUCTION, or (3) DESCRIPTION parameter.
Synology Chat
4
CVSSv2
CVE-2017-11148
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat prior to 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.
Synology Chat
4.6
CVSSv2
CVE-2017-11159
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader prior to 1.4.2-084 on Windows allows local malicious users to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.d...
Synology Photo Station Uploader
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »