Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29228
Missing authorization vulnerability in GetStmUrlPath webapi component in Synology Surveillance Station prior to 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.
NA
CVE-2024-29230
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in SnapShot.CountByCategory webapi component in Synology Surveillance Station prior to 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to inject SQL commands ...
NA
CVE-2024-29232
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Alert.Enum webapi component in Synology Surveillance Station prior to 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unspecifie...
NA
CVE-2024-29233
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Emap.Delete webapi component in Synology Surveillance Station prior to 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to inject SQL commands via unspecifi...
NA
CVE-2024-29234
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Group.Save webapi component in Synology Surveillance Station prior to 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unspecifie...
NA
CVE-2024-29235
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in IOModule.EnumLog webapi component in Synology Surveillance Station prior to 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unsp...
NA
CVE-2024-29236
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in AudioPattern.Delete webapi component in Synology Surveillance Station prior to 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to inject SQL commands via u...
NA
CVE-2024-29237
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station prior to 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via uns...
NA
CVE-2024-29238
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log.CountByCategory webapi component in Synology Surveillance Station prior to 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to inject SQL commands via u...
NA
CVE-2024-29239
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Recording.CountByCategory webapi component in Synology Surveillance Station prior to 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »