Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-11829
OS command injection vulnerability in drivers_syno_import_user.php in Synology Calendar prior to 2.3.1-0617 allows remote malicious users to execute arbitrary commands via the crafted 'X-Real-IP' header.
Synology Calendar
NA
CVE-2022-43931
Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server prior to 1.4.3-0534 and 1.4.4-0635 allows remote malicious users to execute arbitrary commands via unspecified vectors.
Synology Vpn Plus Server
NA
CVE-2022-27614
Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server prior to 1.8.1-2876 allows remote malicious users to obtain sensitive information via unspecified vectors.
Synology Media Server
NA
CVE-2022-27617
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Calendar prior to 2.3.4-0631 allows remote authenticated users to download arbitrary files via unspecified vectors.
Synology Calendar
NA
CVE-2022-27618
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Storage Analyzer prior to 2.1.0-0390 allows remote authenticated users to delete arbitrary files via unspecified vectors.
Synology Storage Analyzer
NA
CVE-2022-27620
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology SSO Server prior to 2.2.3-0331 allows remote authenticated users to read arbitrary files via unspecified vectors.
Synology Sso Server
NA
CVE-2022-27621
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology USB Copy prior to 2.2.0-1086 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
Synology Usb Copy
NA
CVE-2022-27624
A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Band (OOB) Management. This allows remote malicious users to execute arbitrary commands via unspecified vectors. The followi...
Synology Diskstation Manager
NA
CVE-2022-27625
A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band (OOB) Management. This allows remote malicious users to execute arbitrary commands via unspecified vectors. The follow...
Synology Diskstation Manager
NA
CVE-2022-27626
A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote malicious users to execute arbitrary commands via u...
Synology Diskstation Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »