23088 matches found
CVE-2025-53406 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
EUVD-2025-32340
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-53406
CVE-2025-53406 affects QNAP QTS and QuTS Hero where an externally-controlled format string could be exploited by an attacker with administrator privileges to access secret data or modify memory. Technical sources (NVD/NASL/OpenVAS plugin, Tenable OT/OpenVAS entries) confirm the issue and publicly...
CVE-2025-53406 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-52429 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-52429 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-52429
CVE-2025-52429 affects QNAP QTS and QuTS hero. The issue is a use of externally-controlled format string in the OS, which an administrator-authenticated remote attacker could exploit to access secret data or modify memory. Affected products/versions: QTS prior to 5.2.6.3195 (build 20250715) and Q...
EUVD-2025-32365
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-48730
The CVE-2025-48730 issue is a use of externally-controlled format string vulnerability affecting QNAP QTS and QuTS Hero. The root cause is formatting strings controlled by external input, enabling a remote attacker with an administrator account to obtain secret data or modify memory. Affected ver...
EUVD-2025-32369
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-48730 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-48730 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
poc-scaner
Java POC Scanner A powerful graphical POC Proof of Concept...
PT-2025-40587
Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.6.3195 build 20250715 QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715 Description A use of externally-controlled format string vulnerability exists in QNAP operating systems. If an attacker obtains an...
QNAP operating system 格式化字符串错误漏洞
The QNAP operating system is an operating system from Taiwan, China-based QNAP Technology QNAP. A Formatting String Error vulnerability exists in the QNAP operating system, which arises from the use of externally controlled formatting strings that could lead to the acquisition of secret data or...
PT-2025-40569
Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.6.3195 build 20250715 QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715 Description A use of externally-controlled format string vulnerability exists in QNAP operating systems. If an attacker obtains an...
PT-2025-40586
Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.6.3195 build 20250715 QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715 Description A use of externally-controlled format string vulnerability exists in QNAP operating systems. If an attacker obtains an...
PT-2025-40565
Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.6.3195 build 20250715 QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715 Description A use of externally-controlled format string issue exists in QNAP operating systems. If an attacker obtains an...
SUSE CVE-2023-53479
In the Linux kernel, the following vulnerability has been resolved: cxl/acpi: Fix a use-after-free in cxlparsecfmws KASAN and KFENCE detected an user-after-free in the CXL driver. This happens in the cxldecoderadd fail path. KASAN prints the following error: BUG: KASAN: slab-use-after-free in...
CVE-2025-43718
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...