Lucene search
+L

40 matches found

RedhatCVE
RedhatCVE
added 2025/08/31 6:11 p.m.3 views

CVE-2025-30274

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later...

6.5CVSS6.8AI score0.00289EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.4 views

PT-2025-35281

Name of the Vulnerable Software and Affected Versions: QNAP versions prior to QTS 5.2.5.3145 build 20250526 QNAP versions prior to QuTS hero h5.2.5.3138 build 20250519 Description: An out-of-bounds write issue exists in QNAP operating systems. A remote attacker with a user account can exploit thi...

7.1CVSS6.6AI score0.00349EPSS
Exploits0References5
OSV
OSV
added 2025/03/07 5:15 p.m.4 views

CVE-2024-53693

An improper neutralization of CRLF sequences 'CRLF Injection' vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify application data. We have already fixed the...

7.1CVSS5.8AI score0.00457EPSS
Exploits0References1
OSV
OSV
added 2024/12/19 2:15 a.m.2 views

CVE-2023-23357

A cross-site scripting XSS vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read application data. We have already fixed the...

4.8CVSS5.7AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.5 views

QNAP Systems QTS和QuTS hero 安全漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is an entry operating system.QNAP Systems QuTS hero is an operating system. A security vulnerability exists in QNAP Systems QTS and QNAP Systems QuTS hero that stems from the...

7.5CVSS6.6AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 4:15 p.m.2 views

CVE-2024-37041

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the followin...

7.2CVSS6AI score
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.5 views

QNAP Systems QTS和QNAP Systems QuTS hero 路径遍历漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is a starter operating system.QNAP Systems QuTS hero is an operating system. A path traversal vulnerability exists in QNAP Systems QTS prior to version 5.2.1.2930 build 20241025...

4.9CVSS6.6AI score0.00676EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.6 views

QNAP Systems QTS和QuTS hero 格式化字符串错误漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is an entry operating system.QNAP Systems QuTS hero is an operating system. A format string error vulnerability exists in QNAP Systems QTS prior to version 5.2.1.2930 build...

7.2CVSS6.5AI score0.00574EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/02 12:0 a.m.6 views

PT-2024-1515 · Qnap · Qts +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.4.2596 build 20231128 QTS versions prior to 4.5.4.2627 build 20231225 QuTS hero versions prior to h5.1.4.2596 build 20231128 QuTS hero versions prior to h4.5.4.2626 build 20231225 QuTScloud versions prior to...

9.8CVSS9.4AI score0.01128EPSS
Exploits0References7
OSV
OSV
added 2023/12/08 4:15 p.m.5 views

CVE-2023-23372

A cross-site scripting XSS vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 a...

6.1CVSS5.7AI score0.00452EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/03 12:0 a.m.4 views

PT-2023-9128 · Qnap · Quts Hero +1

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.4.2596 build 20231128 QuTS hero versions prior to h5.1.4.2596 build 20231128 Description: The issue is related to a buffer copy without checking the size of the input, which can lead to a buffer overflow in memory...

9CVSS7.2AI score0.0064EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/28 12:0 a.m.4 views

PT-2023-8499 · Qnap · Quts Hero +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.2.2533 build 20230926 QuTS hero versions prior to h5.1.2.2534 build 20230927 QuTScloud versions prior to c5.1.5.2651 Description: A buffer copy without checking the size of input vulnerability has been reported to...

8.3CVSS7.2AI score0.00547EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/07/27 12:0 a.m.5 views

PT-2023-8519 · Qnap · Qts +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.4.2596 build 20231128 QTS versions prior to 4.5.4.2627 build 20231225 QuTS hero versions prior to h5.1.4.2596 build 20231128 QuTS hero versions prior to h4.5.4.2626 build 20231225 QuTScloud versions prior to...

9CVSS8.7AI score0.01405EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/03/29 12:0 a.m.6 views

QNAP Systems QTS 和 QuTS hero 命令注入漏洞

QNAP Systems QTS is an operating system for use with entry to mid-level QNAP NAS from China's Weilian Technology QNAP Systems. A command injection vulnerability exists in QNAP Systems QTS and QuTS hero, which can be exploited to allow an authenticated remote user to execute arbitrary commands fro...

7.2CVSS7.6AI score0.01226EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/05/05 12:0 a.m.4 views

PT-2022-3429 · Qnap · Quts Hero +2

Name of the Vulnerable Software and Affected Versions: QuTScloud versions prior to c5.0.1.1949 QuTS hero versions prior to h5.0.0.1986 build 20220324 QTS versions prior to 5.0.0.1986 build 20220324 Description: A command injection issue affects QNAP NAS running QuTScloud, QuTS hero, and QTS,...

9CVSS9AI score0.01588EPSS
Exploits0References3
OSV
OSV
added 2020/12/10 4:15 a.m.3 views

CVE-2019-7198

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS...

9.8CVSS7.5AI score0.02685EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/18 12:0 a.m.6 views

QNAP QTS Buffer Overflow Vulnerability (CNVD-2017-37605)

QNAP QTS is a Turbo NAS operating system from QNAP Systems. The system provides file storage, management, backup, multimedia applications and security monitoring. A buffer overflow vulnerability exists in QNAP QTS. A remote attacker could exploit this vulnerability to execute arbitrary code on th...

9.8CVSS8.2AI score0.03287EPSS
Exploits1References1
CNVD
CNVD
added 2017/11/09 12:0 a.m.6 views

QNAP QTS Music Station Command Injection Vulnerability

QNAP QTS is a Turbo NAS operating system from QNAP Systems that provides file storage, management, backup, multimedia applications and security monitoring. The system provides file storage, management, backup, multimedia applications and security monitoring, etc. Music Station is one of the music...

9.8CVSS8AI score0.01682EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/24 12:0 a.m.4 views

QNAP QTS Arbitrary Command Execution Vulnerability (CNVD-2017-10395)

QNAP QTS is a Turbo NAS operating system from QNAP Systems. The system provides file storage, management, backup, multimedia applications and security monitoring. An arbitrary command execution vulnerability exists in QNAP QTS. An attacker could use this vulnerability to execute arbitrary command...

10CVSS7.7AI score0.56847EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
added 2014/09/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-6361

QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors...

10CVSS7.5AI score0.56847EPSS
Exploits5References1
Rows per page
Query Builder