Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2018-13285
Command injection vulnerability in ftpd in Synology Router Manager (SRM) prior to 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
Synology Router Manager
801
VMScore
CVE-2018-13284
Command injection vulnerability in ftpd in Synology Diskstation Manager (DSM) prior to 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
Synology Diskstation Manager
758
VMScore
CVE-2017-14491
Heap-based buffer overflow in dnsmasq prior to 2.78 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
Thekelleys Dnsmasq
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 7.1
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 42.2
Suse Linux Enterprise Server 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Point Of Sale 11
Nvidia Linux For Tegra
1 EDB exploit
9 Github repositories
755
VMScore
CVE-2017-11151
A vulnerability in synotheme_upload.php in Synology Photo Station prior to 6.7.3-3432 and 6.3-2967 allows remote malicious users to upload arbitrary files without authentication via the logo_upload action.
Synology Photo Station
Synology Photo Station 6.3-2967
1 EDB exploit
755
VMScore
CVE-2017-11153
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station prior to 6.7.3-3432 and 6.3-2967 allows remote malicious users to gain administrator privileges via a crafted serialized payload.
Synology Photo Station 6.3-2967
Synology Photo Station
1 EDB exploit
755
VMScore
CVE-2015-6911
SQL injection vulnerability in Synology Video Station prior to 1.5-0763 allows remote malicious users to execute arbitrary SQL commands via the id parameter to watchstatus.cgi.
Synology Video Station
1 EDB exploit
755
VMScore
CVE-2013-6987
Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) prior to 4.3-3810 Update 3 allow remote malicious users to read, write, and delete arbitrary files via a .. (dot dot) in the (1) path parameter to file_delete.cgi or (...
Synology Diskstation Manager 4.3-3810
1 EDB exploit
1 Github repository
741
VMScore
CVE-2019-9501
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets,...
Synology Router Manager 1.2
Broadcom Bcm4339 Firmware -
1 Article
741
VMScore
CVE-2019-9502
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, ...
Synology Router Manager 1.2
Broadcom Bcm4339 Firmware -
1 Article
695
VMScore
CVE-2019-9513
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consu...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
Redhat Jboss Enterprise Application Platform 7.3.0
Oracle Graalvm 19.2.0
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »