Search
Search Results (605 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-51367 | 1 Qnap | 2 Qts, Quts Hero | 2024-09-11 | 5.4 Medium |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | ||||
| CVE-2013-6276 | 1 Qnap | 10 Viocard-100, Viocard-100 Firmware, Viocard-30 and 7 more | 2024-08-06 | 9.8 Critical |
| QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active models | ||||
| CVE-2013-7174 | 1 Qnap | 1 Qts | 2024-08-06 | N/A |
| Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter. | ||||
| CVE-2013-6277 | 1 Qnap | 2 Viocard 300, Viocard 300 Firmware | 2024-08-06 | 7.5 High |
| QNAP VioCard 300 has hardcoded RSA private keys. | ||||
| CVE-2013-5760 | 1 Qnap | 2 Photo Station, Photo Station Firmware | 2024-08-06 | N/A |
| QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php. | ||||