qnap

613 tracked vulnerabilities.

CVE-2024-48859 CRITICAL
QNAP QTS and QuTS hero - Improper Authentication
Dec 06, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-50401 HIGH
QNAP QTS and QuTS hero - Use of Externally-Controlled Format String
Nov 22, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-50400 HIGH
QNAP QTS and QuTS hero - Use of Externally-Controlled Format String
Nov 22, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-50399 HIGH
QNAP QTS and QuTS hero - Use of Externally-Controlled Format String
Nov 22, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-50398 HIGH
QNAP QTS and QuTS hero - Use of Externally-Controlled Format String
Nov 22, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-50397 HIGH
QNAP QTS and QuTS hero - Use of Externally-Controlled Format String
Nov 22, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-50396 HIGH
QNAP QTS and QuTS hero - Use of Externally-Controlled Format String
Nov 22, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-50395 HIGH
QNAP Media Streaming add-on 500.1.1.0-500.1.1.5 - Authorization Bypass via User-Controlled Key
Nov 22, 2024
CVSS 8.8
EPSS 0.08
CVE-2024-48862 CRITICAL
QuLog Center 1.7.0.800-1.7.0.830 - Unauthenticated Path Traversal and Arbitrary File Write via Link Following
Nov 22, 2024
CVSS 9.8
EPSS 0.02
CVE-2024-48861 HIGH
QNAP QuRouter < 2.4.4.106 - OS Command Injection
Nov 22, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-48860 CRITICAL
QuRouter < 2.4.3.103 - OS Command Injection
Nov 22, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-38647 HIGH
QNAP AI Core <3.4.1 - Info Disclosure
Nov 22, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-38646 MEDIUM
Notes Station 3 <3.9.7 - Privilege Escalation
Nov 22, 2024
CVSS 6.0
EPSS 0.00
CVE-2024-38645 MEDIUM
Notes Station 3 3.9.0-3.9.6 - Authenticated Server-Side Request Forgery
Nov 22, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-38644 HIGH
Notes Station 3 <3.9.7 - Command Injection
Nov 22, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-38643 CRITICAL
Notes Station 3 3.9.0-3.9.6 - Unauthenticated Remote Function Execution
Nov 22, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-37050 MEDIUM
QNAP QTS and QuTS hero - Stack-based Buffer Overflow
Nov 22, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-37049 MEDIUM
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Stack-based Buffer Overflow
Nov 22, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-37048 MEDIUM
QNAP QTS and QuTS hero - Denial of Service via NULL Pointer Dereference
Nov 22, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-37047 MEDIUM
QNAP QTS and QuTS hero - Authenticated Stack-based Buffer Overflow
Nov 22, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-37046 MEDIUM
QNAP QTS and QuTS hero - Authenticated Path Traversal
Nov 22, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-37045 MEDIUM
QNAP QTS and QuTS hero - Denial of Service via NULL Pointer Dereference
Nov 22, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-37044 HIGH
QNAP QTS and QuTS hero - Stack-based Buffer Overflow
Nov 22, 2024
CVSS 7.2
EPSS 0.03
CVE-2024-37043 MEDIUM
QNAP QTS and QuTS hero - Authenticated Path Traversal
Nov 22, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-37042 MEDIUM
QNAP QTS and QuTS hero - Denial of Service via NULL Pointer Dereference
Nov 22, 2024
CVSS 4.9
EPSS 0.00
Products
qts 272 quts_hero 223 qsync_central 62 qutscloud 62 file_station 48 photo_station 26 video_station 15 media_streaming_add-on 13 music_station 13 qurouter 12 helpdesk 11 qumagie 10 qvr 10 qulog_center 8 nas_proxy_server 7 q\'center 7 hybrid_backup_sync 6 notes_station_3 6 qvr_pro 6 license_center 5 multimedia_console 5 qunetswitch 5 qvr_elite 5 qvr_guard 5 qes 4 download_station 3 qcalagent 3 qufirewall 3 qvp-21a_firmware 3 qvp-41a_firmware 3
Quick Filters
Critical CVEs With Exploits In CISA KEV