qnap

635 tracked vulnerabilities.

CVE-2024-32768 MEDIUM
Photo Station 6.4.0-6.4.2 - Authenticated Stored Cross-Site Scripting
Nov 22, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-32767 MEDIUM
Photo Station 6.4.0-6.4.2 - Authenticated Stored Cross-Site Scripting
Nov 22, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-38642 HIGH
QuMagie < 2.3.1 - Improper Certificate Validation
Sep 06, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-38641 HIGH
QNAP QTS and QuTS hero < 5.1.8.2823 - OS Command Injection
Sep 06, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-38640 MEDIUM
QNAP Download Station 5.8.0-5.8.6.283 - Authenticated Cross-Site Scripting
Sep 06, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-32771 LOW
QNAP QTS and QuTS hero - Excessive Authentication Attempts
Sep 06, 2024
CVSS 2.6
EPSS 0.00
CVE-2024-32763 HIGH
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Heap-based Buffer Overflow
Sep 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-32762 HIGH
QuLog Center 1.7.0-1.7.0.826 - Cross-Site Scripting via Network
Sep 06, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-27126 MEDIUM
Notes Station 3 3.9.0-3.9.5 - Authenticated Stored Cross-Site Scripting
Sep 06, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-27125 LOW
QNAP Helpdesk < 3.3.1 - Authenticated Stored Cross-Site Scripting
Sep 06, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-27122 MEDIUM
Notes Station 3 3.9.0-3.9.5 - Authenticated Stored Cross-Site Scripting
Sep 06, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-21906 MEDIUM
QNAP QTS and QuTS hero - Authenticated OS Command Injection
Sep 06, 2024
CVSS 4.7
EPSS 0.01
CVE-2024-21904 MEDIUM
QNAP QTS and QuTS hero - Path Traversal
Sep 06, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-21903 MEDIUM
QNAP QTS and QuTS hero - Authenticated OS Command Injection
Sep 06, 2024
CVSS 6.6
EPSS 0.01
CVE-2024-21898 HIGH
QNAP QTS and QuTS hero - Authenticated OS Command Injection
Sep 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-21897 HIGH
QNAP QTS and QuTS hero - Authenticated Cross-Site Scripting
Sep 06, 2024
CVSS 8.9
EPSS 0.00
CVE-2024-32765 MEDIUM
QTS 5.1.0-5.1.8.2823 and QuTS hero h5.1.0-h5.1.8.2823 - Authenticated Privilege Escalation via Network & Virtual Switch
Aug 12, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-27130 HIGH
QNAP QTS and QuTS hero - Remote Code Execution via Stack-based Buffer Overflow
May 21, 2024
CVSS 7.2
EPSS 0.38
CVE-2024-27129 MEDIUM
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Stack-based Buffer Overflow
May 21, 2024
CVSS 6.4
EPSS 0.01
CVE-2024-27128 MEDIUM
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Stack-based Buffer Overflow
May 21, 2024
CVSS 6.4
EPSS 0.01
CVE-2024-27127 HIGH
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Double Free
May 21, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-21902 MEDIUM
QNAP QTS and QuTS hero - Authenticated Exposure of Sensitive Information via Incorrect Permission Assignment
May 21, 2024
CVSS 6.4
EPSS 0.00
CVE-2024-32766 CRITICAL
QNAP QTS < 4.5.4.2627 and QuTS hero < h4.5.4.2626 and QuTScloud < c5.1.5.2651 - OS Command Injection
Apr 26, 2024
CVSS 10.0
EPSS 0.02
CVE-2024-32764 CRITICAL
myQNAPcloud Link <2.4.51 - Privilege Escalation
Apr 26, 2024
CVSS 9.9
EPSS 0.00
CVE-2024-27124 HIGH
QNAP QTS 4.5.1-4.5.4.2626 and QTS 5.1.3.2578 - OS Command Injection
Apr 26, 2024
CVSS 7.5
EPSS 0.01