synology
352 tracked vulnerabilities.
CVE-2020-8622
MEDIUM
BIND 9.0.0-9.11.21, 9.12.0-9.16.5, 9.17.0-9.17.3 - Reachable Assertion via Truncated TSIG Response
Aug 21, 2020
CVSS 6.5
EPSS 0.06
CVE-2020-8621
HIGH
BIND 9.14.0-9.16.5, 9.17.0-9.17.3 - DoS
Aug 21, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-1472
MEDIUM
KEV
Netlogon Weak Cryptographic Authentication
Aug 17, 2020
CVSS 5.5
EPSS 1.00
CVE-2019-11823
HIGH
Synology Router Manager <1.2.3-8017-2 - DoS
May 04, 2020
CVSS 8.6
EPSS 0.02
CVE-2019-9502
HIGH
Synology Router Manager - Heap-based Buffer Overflow via Malicious WiFi Vendor Information Element
Feb 03, 2020
CVSS 7.9
EPSS 0.02
CVE-2019-9501
HIGH
Synology Router Manager - Heap-based Buffer Overflow via Malicious WiFi Vendor Information Element
Feb 03, 2020
CVSS 7.9
EPSS 0.03
CVE-2019-19344
MEDIUM
Samba <4.9.18-4.11.5 - Use After Free
Jan 21, 2020
CVSS 6.5
EPSS 0.03
CVE-2019-14907
MEDIUM
Samba 4.9.0-4.9.17, 4.10.0-4.10.11, 4.11.0-4.11.4 - Denial of Service via NTLMSSP Authentication String Conversion
Jan 21, 2020
CVSS 6.5
EPSS 0.03
CVE-2019-9518
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Empty Frame Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.25
CVE-2019-9517
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.27
CVE-2019-9516
MEDIUM
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Header Leak
Aug 13, 2019
CVSS 6.5
EPSS 0.56
CVE-2019-9515
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Settings Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.88
CVE-2019-9514
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Reset Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.83
CVE-2019-9513
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Priority Tree Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.82
CVE-2019-9511
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Size Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.58
CVE-2019-11829
HIGH
Synology Calendar <2.3.1-0617 - Command Injection
Jun 30, 2019
CVSS 7.3
EPSS 0.02
CVE-2019-11828
MEDIUM
Synology Office < 3.1.4-2771 - Authenticated Cross-Site Scripting in Chart
Jun 30, 2019
CVSS 5.5
EPSS 0.01
CVE-2019-11827
MEDIUM
Synology Note Station <2.5.3-0863 - XSS
Jun 30, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-11826
HIGH
Synology Moments <1.3.0-0691 - Path Traversal
Jun 30, 2019
CVSS 8.0
EPSS 0.02
CVE-2019-11825
MEDIUM
Synology Calendar <2.3.0-0615 - XSS
Jun 30, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-11822
MEDIUM
Synology Photo Station <6.8.11-3489, <6.3-2977 - Path Traversal
Jun 30, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-11821
HIGH
Synology Photo Station <6.8.11-3489, <6.3-2977 - SQL Injection
Jun 30, 2019
CVSS 7.3
EPSS 0.02
CVE-2019-11820
MEDIUM
Synology Calendar <2.3.3-0620 - Info Disclosure
May 09, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-9499
HIGH
hostapd and wpa_supplicant < 2.4 - Origin Validation Error in EAP-PWD Commit
Apr 17, 2019
CVSS 8.1
EPSS 0.02
CVE-2019-9498
HIGH
hostapd and wpa_supplicant <= 2.4 - Authentication Bypass via Invalid EAP-PWD Scalar/Element Values
Apr 17, 2019
CVSS 8.1
EPSS 0.02
Products
diskstation_manager 97
router_manager 59
photo_station 33
surveillance_station 25
vs960hd_firmware 22
diskstation_manager_unified_controller 20
skynas 16
Synology Photo Station 13
skynas_firmware 13
calendar 11
bc500_firmware 9
tc500_firmware 9
active_backup_for_business_agent 8
download_station 8
Surveillance Station 6
beedrive 6
drive_client 6
drive_server 6
media_server 6
video_station 6
dns_server 5
note_station 5
ssl_vpn_client 5
Photo Station 4
audio_station 4
beestation_os 4
directory_server 4
radius_server 4
DiskStation Manager (DSM) 3
carddav_server 3
Quick Filters