CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A cross-site scripting XSS vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: Notes Station 3 3.9.6 and later...

6.3CVSS5.6AI score0.00874EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:42 a.m.•3 views

CVE-2024-38644

An OS command injection vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to execute commands. We have already fixed the vulnerability in the following version: Notes Station 3 3.9.7 and later...

8.7CVSS7.4AI score0.0176EPSS

Exploits0

RedhatCVE•added 2025/05/23 6:41 a.m.•2 views

CVE-2024-38643

A missing authentication for critical function vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote attackers to gain access to and execute certain functions. We have already fixed the vulnerability in the following version: Notes Station 3...

9.3CVSS7.7AI score0.01492EPSS

Exploits0

CNVD•added 2024/12/04 12:0 a.m.•2 views

QNAP Notes Station 3 Authentication Missing Vulnerability

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from an authentication missing vulnerability that stems from the inclusion of ...

9.8CVSS7.2AI score0.01492EPSS

Exploits0References1

CNVD•added 2024/12/04 12:0 a.m.•2 views

QNAP Notes Station 3 Server-Side Request Forgery Vulnerability

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. A server-side request forgery vulnerability exists in QNAP Notes Station 3. The vulnerability stems from th...

9.4CVSS6.9AI score0.00319EPSS

Exploits0References1

NVD•added 2024/11/22 4:15 p.m.•9 views

CVE-2024-38646

An incorrect permission assignment for critical resource vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow local authenticated attackers who have gained administrator access to read or modify the resource. We have already fixed the vulnerabilit...

8.4CVSS0.00055EPSS

Exploits0References1

NVD•added 2024/11/22 4:15 p.m.•7 views

CVE-2024-38645

A server-side request forgery SSRF vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to read application data. We have already fixed the vulnerability in the following version: Notes Station 3 3.9.7 and later...

9.4CVSS0.00319EPSS

Exploits0References1

NVD•added 2024/11/22 4:15 p.m.•7 views

CVE-2024-38644

8.8CVSS0.0176EPSS

Exploits0References1

OSV•added 2024/11/22 4:15 p.m.•1 views

CVE-2024-38646

6CVSS5.8AI score0.00055EPSS

Exploits0References1

OSV•added 2024/11/22 4:15 p.m.•0 views

CVE-2024-38645

6.5CVSS5.8AI score

Exploits0References1

NVD•added 2024/11/22 4:15 p.m.•8 views

CVE-2024-38643

9.8CVSS0.01492EPSS

Exploits0References1

CVE•added 2024/11/22 3:32 p.m.•48 views

CVE-2024-38643

CVE-2024-38643 affects QNAP Notes Station 3. The issue is a missing authentication for a critical function, allowing remote attackers to gain access to and execute certain functions. The vulnerability is documented with a high impact and network-based attack vector (CVSS 3.1/4.0 metrics indicate ...

9.8CVSS7.3AI score0.01492EPSS

Exploits0References1Affected Software1