synology

329 tracked vulnerabilities.

CVE-2021-29083 HIGH
Synology DiskStation Manager < 6.2.3-25426-3 - Authenticated Remote Code Execution via PPPoE Realname Parameter
Apr 01, 2021
CVSS 7.2
EPSS 0.01
CVE-2021-27647 CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Remote Code Execution via iscsi_snapshot_comm_core Out-of-bounds Read
Mar 12, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-27646 CRITICAL
Synology DSM <6.2.3-25426-3 - Use After Free
Mar 12, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-26569 CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Remote Code Execution via Race Condition in iscsi_snapshot_comm_core
Mar 12, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-26567 HIGH
Synology Diskstation Manager < 6.2.3-25426-3 - Out-of-Bounds Write
Feb 26, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-26566 HIGH
Synology DiskStation Manager < 6.2.3-25426-3 - Remote Code Execution via QuickConnect Traffic
Feb 26, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-26565 HIGH
Synology DiskStation Manager < 6.2.3-25426-3 - Cleartext Transmission of Sensitive Information via HTTP Session
Feb 26, 2021
CVSS 8.3
EPSS 0.00
CVE-2021-26564 HIGH
Synology DiskStation Manager < 6.2.3-25426-3 - Cleartext Transmission of Sensitive Information via synorelayd
Feb 26, 2021
CVSS 8.3
EPSS 0.00
CVE-2021-26563 HIGH
Synology DiskStation Manager < 6.2.4-25553 - Incorrect Authorization
Feb 26, 2021
CVSS 8.2
EPSS 0.00
CVE-2021-26562 CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Remote Code Execution via syno_finder_site HTTP Header
Feb 26, 2021
CVSS 9.0
EPSS 0.01
CVE-2021-26561 CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Stack-Based Buffer Overflow via syno_finder_site HTTP Header
Feb 26, 2021
CVSS 9.0
EPSS 0.02
CVE-2021-26560 CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Cleartext Transmission of Sensitive Information via synoagentregisterd
Feb 26, 2021
CVSS 9.0
EPSS 0.00
CVE-2021-3156 HIGH KEVNUCLEI
Sudo Heap-Based Buffer Overflow
Jan 26, 2021
CVSS 7.8
EPSS 0.93
CVE-2020-27660 CRITICAL
Synology SafeAccess <1.2.3-0234 - SQL Injection
Nov 30, 2020
CVSS 9.6
EPSS 0.02
CVE-2020-27659 HIGH
Synology SafeAccess <1.2.3-0234 - XSS
Nov 30, 2020
CVSS 8.4
EPSS 0.00
CVE-2020-27658 HIGH
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-27657 MEDIUM
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-27656 MEDIUM
Synology DSM <6.2.3-25426-2 - Info Disclosure
Oct 29, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-27655 MEDIUM
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-27654 CRITICAL
Synology Router Manager <1.2.4-8081 - RCE
Oct 29, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-27653 HIGH
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 8.3
EPSS 0.01
CVE-2020-27652 HIGH
Synology DSM <6.2.3-25426-2 - Info Disclosure
Oct 29, 2020
CVSS 8.3
EPSS 0.00
CVE-2020-27651 MEDIUM
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 5.8
EPSS 0.00
CVE-2020-27650 MEDIUM
Synology DSM <6.2.3-25426-2 - Info Disclosure
Oct 29, 2020
CVSS 5.8
EPSS 0.00
CVE-2020-27649 HIGH
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 8.3
EPSS 0.00
Products
diskstation_manager 96 router_manager 59 photo_station 33 vs960hd_firmware 22 diskstation_manager_unified_controller 20 surveillance_station 19 skynas 16 Synology Photo Station 13 skynas_firmware 13 calendar 11 bc500_firmware 9 tc500_firmware 9 download_station 8 active_backup_for_business_agent 7 drive_client 6 drive_server 6 media_server 6 video_station 6 dns_server 5 note_station 5 Photo Station 4 audio_station 4 beedrive 4 directory_server 4 radius_server 4 beestation_os 3 carddav_server 3 chat 3 file_station 3 mailplus_server 3
Quick Filters
Critical CVEs With Exploits In CISA KEV