Vulnerabilidades em Synology
294 resultadosCVE-2024-47268MEDIUMMissing authorization vulnerability in AddOns functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remoteEPSS 0.3%CVE-2024-47271MEDIUMInsufficiently protected credentials vulnerability in IPSpeaker component in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575EPSS 0.3%CVE-2024-47267LOWImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Archiving Pull functionality in Synology SurEPSS 0.3%CVE-2021-47961HIGHA plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence EPSS 0.3%CVE-2024-5401MEDIUMImproper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager (DSM) before 7.1.1-EPSS 0.3%CVE-2021-29088HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') in cgi component in Synology DiskStation Manager (DSM) beforeEPSS 0.3%CVE-2022-27619MEDIUMCleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 EPSS 0.3%CVE-2017-9552—A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. EPSS 0.3%CVE-2024-45538CRITICALCross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-728EPSS 0.3%CVE-2024-47263MEDIUMAn improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository webapi component in SynEPSS 0.3%CVE-2022-22686MEDIUMCross-Site Request Forgery (CSRF) vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated usersEPSS 0.3%CVE-2021-33183HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability container volume management component in SynoloEPSS 0.3%CVE-2019-11820MEDIUMInformation exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentiaEPSS 0.3%CVE-2024-47273MEDIUMAn improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup Task functionality in Synology HypEPSS 0.3%CVE-2024-39348HIGHDownload of code without integrity check vulnerability in AirPrint functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1EPSS 0.3%CVE-2025-10466MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Safe Access in Synology Safe Access beEPSS 0.3%CVE-2024-13987MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server allows remote aEPSS 0.3%CVE-2024-53281MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Network WOL functionality in Synology EPSS 0.3%CVE-2024-53283MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Router Port Forward functionality in SEPSS 0.3%CVE-2024-53279MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in file station functionality in SynologyEPSS 0.3%