Vulnerabilidades em Synology
294 resultadosCVE-2024-53284MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in WiFi Connect Setting functionality in EPSS 0.3%CVE-2024-53285MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in DDNS Record functionality in Synology EPSS 0.3%CVE-2024-53282MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in WiFi Connect MAC Filter functionality EPSS 0.3%CVE-2024-53280MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in network center policy route functionalEPSS 0.3%CVE-2025-13167MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in contact functionality in Synology ContEPSS 0.3%CVE-2024-47272LOWIncorrect authorization vulnerability in IO Module functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows rEPSS 0.2%CVE-2024-47270LOWImproper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9EPSS 0.2%CVE-2024-10444HIGHImproper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-EPSS 0.2%CVE-2024-47269MEDIUMCleartext transmission of sensitive information vulnerability in Export Key functionality in Synology Surveillance Station before 9.2.2-1157EPSS 0.2%CVE-2022-49039MEDIUMOut-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users witEPSS 0.2%CVE-2024-53288MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in NTP Region functionality in Synology REPSS 0.2%CVE-2024-53287MEDIUMImproper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in VPN Setting functionality in Synology EPSS 0.2%CVE-2022-49038HIGHInclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 EPSS 0.2%CVE-2023-5748LOWBuffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.EPSS 0.2%CVE-2021-47960MEDIUMA files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to EPSS 0.2%CVE-2025-54160HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in BeeDrive in Synology BeeDrive for desktop beEPSS 0.2%CVE-2023-52949MEDIUMMissing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent befoEPSS 0.2%CVE-2022-49041MEDIUMBuffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology DriEPSS 0.2%CVE-2022-49040MEDIUMBuffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology DrivEPSS 0.2%CVE-2025-54158HIGHMissing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local userEPSS 0.2%