synology
352 tracked vulnerabilities.
CVE-2021-27646
CRITICAL
Synology DSM <6.2.3-25426-3 - Use After Free
Mar 12, 2021
CVSS 9.8
EPSS 0.04
CVE-2021-26569
CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Remote Code Execution via Race Condition in iscsi_snapshot_comm_core
Mar 12, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-26567
HIGH
Synology Diskstation Manager < 6.2.3-25426-3 - Out-of-Bounds Write
Feb 26, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-26566
HIGH
Synology DiskStation Manager < 6.2.3-25426-3 - Remote Code Execution via QuickConnect Traffic
Feb 26, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-26565
HIGH
Synology DiskStation Manager < 6.2.3-25426-3 - Cleartext Transmission of Sensitive Information via HTTP Session
Feb 26, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-26564
HIGH
Synology DiskStation Manager < 6.2.3-25426-3 - Cleartext Transmission of Sensitive Information via synorelayd
Feb 26, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-26563
HIGH
Synology DiskStation Manager < 6.2.4-25553 - Incorrect Authorization
Feb 26, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-26562
CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Remote Code Execution via syno_finder_site HTTP Header
Feb 26, 2021
CVSS 9.0
EPSS 0.02
CVE-2021-26561
CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Stack-Based Buffer Overflow via syno_finder_site HTTP Header
Feb 26, 2021
CVSS 9.0
EPSS 0.02
CVE-2021-26560
CRITICAL
Synology DiskStation Manager < 6.2.3-25426-3 - Cleartext Transmission of Sensitive Information via synoagentregisterd
Feb 26, 2021
CVSS 9.0
EPSS 0.01
CVE-2021-3156
HIGH
KEVNUCLEI
Sudo Heap-Based Buffer Overflow
Jan 26, 2021
CVSS 7.8
EPSS 0.99
CVE-2020-27660
CRITICAL
Synology SafeAccess <1.2.3-0234 - SQL Injection
Nov 30, 2020
CVSS 9.6
EPSS 0.05
CVE-2020-27659
HIGH
Synology SafeAccess <1.2.3-0234 - XSS
Nov 30, 2020
CVSS 8.4
EPSS 0.05
CVE-2020-27658
HIGH
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-27657
MEDIUM
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-27656
MEDIUM
Synology DSM <6.2.3-25426-2 - Info Disclosure
Oct 29, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-27655
MEDIUM
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-27654
CRITICAL
Synology Router Manager <1.2.4-8081 - RCE
Oct 29, 2020
CVSS 9.8
EPSS 0.05
CVE-2020-27653
HIGH
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 8.3
EPSS 0.01
CVE-2020-27652
HIGH
Synology DSM <6.2.3-25426-2 - Info Disclosure
Oct 29, 2020
CVSS 8.3
EPSS 0.01
CVE-2020-27651
MEDIUM
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 5.8
EPSS 0.01
CVE-2020-27650
MEDIUM
Synology DSM <6.2.3-25426-2 - Info Disclosure
Oct 29, 2020
CVSS 5.8
EPSS 0.01
CVE-2020-27649
HIGH
Synology Router Manager <1.2.4-8081 - Info Disclosure
Oct 29, 2020
CVSS 8.3
EPSS 0.01
CVE-2020-27648
HIGH
Synology DSM <6.2.3-25426-2 - Info Disclosure
Oct 29, 2020
CVSS 8.3
EPSS 0.01
CVE-2020-8623
HIGH
BIND 9.10.0-9.11.21, 9.12.0-9.16.5, 9.17.0-9.17.3 - Reachable Assertion via Crafted Query Packet
Aug 21, 2020
CVSS 7.5
EPSS 0.06
Products
diskstation_manager 97
router_manager 59
photo_station 33
surveillance_station 25
vs960hd_firmware 22
diskstation_manager_unified_controller 20
skynas 16
Synology Photo Station 13
skynas_firmware 13
calendar 11
bc500_firmware 9
tc500_firmware 9
active_backup_for_business_agent 8
download_station 8
Surveillance Station 6
beedrive 6
drive_client 6
drive_server 6
media_server 6
video_station 6
dns_server 5
note_station 5
ssl_vpn_client 5
Photo Station 4
audio_station 4
beestation_os 4
directory_server 4
radius_server 4
DiskStation Manager (DSM) 3
carddav_server 3
Quick Filters