Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager unified controller vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-22687
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
9.8
CVSSv3
CVE-2021-27649
Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
9
CVSSv3
CVE-2021-26566
Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to execute arbitrary commands via inbound QuickConnect traffic.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
8.7
CVSSv3
CVE-2021-26564
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to spoof servers via an HTTP session.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
8.1
CVSSv3
CVE-2023-0142
Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) prior to 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller 3.1
Synology Router Manager 1.3.1-9346
Synology Router Manager
8.1
CVSSv3
CVE-2021-26561
Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to execute arbitrary code via syno_finder_site HTTP header.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
8.1
CVSSv3
CVE-2021-26562
Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to execute arbitrary code via syno_finder_site HTTP header.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
7.8
CVSSv3
CVE-2021-26567
Stack-based buffer overflow vulnerability in frontend/main.c in faad2 prior to 2.2.7.1 allow local malicious users to execute arbitrary code via filename and pathname options.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
Faad2 Project Faad2
7.8
CVSSv3
CVE-2021-3156
Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project Sudo 1.9.5
Sudo Project Sudo
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager Core Package -
Mcafee Web Gateway 8.2.17
Mcafee Web Gateway 9.2.8
Mcafee Web Gateway 10.0.4
Synology Diskstation Manager 6.2
Synology Diskstation Manager Unified Controller 3.0
Synology Skynas Firmware -
Synology Vs960hd Firmware -
Beyondtrust Privilege Management For Mac
Beyondtrust Privilege Management For Unix/linux
Oracle Micros Compact Workstation 3 Firmware 310
Oracle Micros Es400 Firmware
Oracle Micros Kitchen Display System Firmware 210
Oracle Micros Workstation 5a Firmware 5a
143 Github repositories
1 Article
7.5
CVSSv3
CVE-2023-2729
Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) prior to 7.2-64561 allows remote malicious users to obtain user credential via unspecified vectors.
Synology Diskstation Manager Unified Controller 3.1
Synology Diskstation Manager
Synology Router Manager 1.3.1-9346
Synology Router Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »