CVE-2024-53695

The CVE-2024-53695 entry concerns QNAP HBS 3 Hybrid Backup Sync. A buffer overflow (boundary error) in the product could, if exploited, allow a remote attacker to modify memory or crash processes. Public references in the provided documents confirm the vulnerability and indicate a fix in HBS 3 Hy...

CVE-2024-53695 HBS 3 Hybrid Backup Sync

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...

CVE-2024-53695 HBS 3 Hybrid Backup Sync

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...

QNAP Systems HBS 3 Hybrid Backup Sync 安全漏洞

QNAP Systems HBS 3 Hybrid Backup Sync is a data management tool that integrates backup, restore and synchronization functions on Weilian's NAS devices, supporting local, remote and cloud storage backups and providing an efficient data protection solution. A buffer overflow vulnerability exists in...

Linux Distros Unpatched Vulnerability : CVE-2022-1720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory...

Linux Distros Unpatched Vulnerability : CVE-2016-9383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a deni...

RUSTSEC-2025-0030 totally-safe-transmute allows transmuting any type to any other type in safe Rust

This crate is a toy and should never be used. It showcases a known soundness issue https://github.com/rust-lang/rust/issues/32670 that will never get fixed. In short, Linux provides a file called /proc/self/mem which can be used by a program to modify its own memory. This library modifies an enum...

Undermining Integrity Features of SEV-SNP with Memory Aliasing

AMD ID: AMD-SB-3015 Potential Impact: Loss of Integrity Severity: Medium Summary A team of researchers has reported to AMD that it may be possible to modify serial presence detect SPD metadata to make an attached memory module appear larger than it is, potentially allowing an attacker to overwrit...

CVE-2024-50403

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

CVE-2024-50403

CVE-2024-50403 affects QNAP QTS and QuTS hero where a use of externally-controlled format string could allow remote attackers with administrator access to obtain secret data or modify memory. Root cause: externally-controlled format string vulnerability. Affected versions have been fixed in QTS 5...

CVE-2024-50402 QTS, QuTS hero

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

CVE-2024-50402 QTS, QuTS hero

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

CVE-2024-50402

CVE-2024-50402 describes a use of externally-controlled format string vulnerability affecting QNAP QTS and QuTS hero. Affected versions include QTS 5.1.9.2954 build 20241120 and later, QTS 5.2.2.2950 build 20241114 and later, QuTS hero h5.1.9.2954 build 20241120 and later, and QuTS hero h5.2.2.29...

PT-2024-10311 · Qnap · Qnap Qts +1

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.2.2950 build 20241114 QNAP QuTS hero versions prior to 5.2.2.2952 build 20241116 Description: A use of externally-controlled format string issue has been reported to affect several QNAP operating system versions...

CVE-2024-50400

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

CVE-2024-50399

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

CVE-2024-50401

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

CVE-2024-50400

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

CVE-2024-50396

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QT...

CVE-2024-50398

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...