CVE-2025-52870

CVE-2025-52870 is a buffer‑overflow vulnerability in Qsync Central. The issue allows a remote attacker who has a user account to exploit memory corruption or crash processes. Public details identify the affected software as Qsync Central, with the root cause described as a buffer overflow. remedi...

CVE-2025-57709 Qsync Central

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...

CVE-2025-57709

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...

QNAP Qsync Central 格式化字符串错误漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a vulnerability related to formatted strings. This vulnerability stemmed from the use of externally controlled formatted...

PT-2026-7542

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A buffer overflow issue exists in Qsync Central. A remote attacker who obtains a user account can exploit this to alter memory or cause processes to crash. Recommendations Update to Qsync...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a security vulnerability caused by a buffer overflow. This vulnerability could allow remote attackers to modify memory o...

PT-2026-7533

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description An out-of-bounds write issue exists in Qsync Central. A remote attacker who obtains a user account can potentially modify or corrupt memory. Recommendations Update to Qsync Central version...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a security vulnerability caused by a buffer overflow. This vulnerability could allow remote attackers to modify memory o...

PT-2026-7537

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A buffer overflow issue exists in Qsync Central. A remote attacker who obtains a user account can potentially exploit this to alter memory or cause processes to crash. Recommendations Update ...

QNAP Qsync Central 缓冲区错误漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds write attacks, which could potentially lead ...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a security vulnerability caused by a buffer overflow. This vulnerability could allow remote attackers to modify memory o...

PT-2026-7532

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A use of externally-controlled format string issue exists in Qsync Central. A remote attacker who obtains a user account may be able to obtain secret data or modify memory. The issue involves...

PT-2026-7539

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: QuTS hero...

QNAP Systems QuTS hero 安全漏洞

QNAP Systems QuTS hero is an operating system developed by QNAP Systems. Versions prior to h5.3.2.3354 of QNAP Systems QuTS hero contained a security vulnerability caused by a buffer overflow. This vulnerability could allow remote attackers to modify memory or cause processes to crash...

PT-2026-7559

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A buffer overflow issue exists in Qsync Central. A remote attacker who has obtained a user account can potentially exploit this issue to modify memory or cause processes to crash...

PT-2026-7540

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a security vulnerability caused by a buffer overflow. This vulnerability could allow remote attackers to modify memory o...

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

EUVD-2025-206374

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

Qnap QTS and QuTS hero Out-of-bounds Write (CVE-2024-38638)

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5.2.x are not affected. We have already fixe...