synology

329 tracked vulnerabilities.

CVE-2023-41740 MEDIUM
Synology Router Manager < 1.3.1-9346-6 - Path Traversal in CGI Component
Aug 31, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-41739 MEDIUM
Synology Router Manager <1.3.1-9346-6 - DoS
Aug 31, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-41738 HIGH
Synology Router Manager < 1.3.1-9346-6 - Authenticated OS Command Injection in Directory Domain Functionality
Aug 31, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-2729 MEDIUM
Synology DSM <7.2-64561 - Info Disclosure
Jun 13, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-0142 MEDIUM
Synology DSM <7.1 - Privilege Escalation
Jun 13, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-32956 CRITICAL
Synology Router Manager < 1.2.5-8227-6 - OS Command Injection in CGI Component
May 16, 2023
CVSS 9.8
EPSS 0.03
CVE-2023-32955 HIGH
Synology Router Manager < 1.2.5-8227-6 - OS Command Injection in DHCP Client Functionality
May 16, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-0077 MEDIUM
Synology Router Manager <1.2.5-8227-6, <1.3.1-9346-3 - Buffer Overflow
Jan 05, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-49041 MEDIUM
Synology Drive Client <3.4.0-15721 - Buffer Overflow
Sep 26, 2024
CVSS 4.4
EPSS 0.00
CVE-2022-49040 MEDIUM
Synology Drive Client <3.4.0-15721 - Buffer Overflow
Sep 26, 2024
CVSS 4.4
EPSS 0.00
CVE-2022-49039 MEDIUM
Synology Drive Client <3.4.0-15721 - Code Injection
Sep 26, 2024
CVSS 6.7
EPSS 0.00
CVE-2022-49038 HIGH
Synology Drive Client <3.3.0-15082 - RCE
Sep 26, 2024
CVSS 7.8
EPSS 0.00
CVE-2022-49037 MEDIUM
Synology Drive Client <3.3.0-15082 - Info Disclosure
Sep 26, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-43932 HIGH
Synology Router Manager <1.2.5-8227-6, <1.3.1-9346-3 - Code Injection
Jan 05, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-43931 CRITICAL
Synology VPN Plus Server <1.4.3-0534, 1.4.4-0635 - RCE
Jan 03, 2023
CVSS 10.0
EPSS 0.04
CVE-2022-43749 MEDIUM
Synology Presto File Server <2.1.2-1601 - Privilege Escalation
Oct 26, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-43748 MEDIUM
Synology Presto File Server <2.1.2-1601 - Path Traversal
Oct 26, 2022
CVSS 5.8
EPSS 0.00
CVE-2022-27623 HIGH
Synology DiskStation Manager < 7.1-42661 - Unauthenticated Arbitrary File Read and Write via iSCSI Management
Oct 25, 2022
CVSS 7.4
EPSS 0.00
CVE-2022-27622 MEDIUM
Synology DiskStation Manager < 7.1-42661 - Authenticated Server-Side Request Forgery via Package Center
Oct 25, 2022
CVSS 4.1
EPSS 0.00
CVE-2022-3576 MEDIUM
Synology DSM <7.1.1-42962-2 - Info Disclosure
Oct 20, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-27626 CRITICAL
Synology DiskStation Manager < 7.1.1-42962-2 - Remote Code Execution via OOB Management Session Race Condition
Oct 20, 2022
CVSS 10.0
EPSS 0.01
CVE-2022-27625 CRITICAL
Synology DiskStation Manager < 7.1.1-42962-2 - Remote Code Execution via OOB Management Message Processing
Oct 20, 2022
CVSS 10.0
EPSS 0.01
CVE-2022-27624 CRITICAL
Synology DiskStation Manager < 7.1.1-42962-2 - Remote Code Execution via OOB Management Packet Decryption
Oct 20, 2022
CVSS 10.0
EPSS 0.01
CVE-2022-27621 MEDIUM
Synology USB Copy < 2.2.0-1086 - Authenticated Path Traversal and Arbitrary File Write via WebAPI Component
Aug 03, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-27620 MEDIUM
Synology SSO Server < 2.2.3-0331 - Authenticated Path Traversal via WebAPI Component
Aug 03, 2022
CVSS 6.8
EPSS 0.00
Products
diskstation_manager 96 router_manager 59 photo_station 33 vs960hd_firmware 22 diskstation_manager_unified_controller 20 surveillance_station 19 skynas 16 Synology Photo Station 13 skynas_firmware 13 calendar 11 bc500_firmware 9 tc500_firmware 9 download_station 8 active_backup_for_business_agent 7 drive_client 6 drive_server 6 media_server 6 video_station 6 dns_server 5 note_station 5 Photo Station 4 audio_station 4 beedrive 4 directory_server 4 radius_server 4 beestation_os 3 carddav_server 3 chat 3 file_station 3 mailplus_server 3
Quick Filters
Critical CVEs With Exploits In CISA KEV