74 matches found
CVE-2025-66276
QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later...
CVE-2025-62858
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions:...
CVE-2024-14026
A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in th...
Qnap QTS and QuTS hero Improper Neutralization of CRLF Sequences (CVE-2024-14026)
An improper neutralization of CRLF sequences 'CRLF Injection' vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify application data. We have already fixed the...
CVE-2025-47205
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2023-50359
An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via unspecified vector...
CVE-2023-45028
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service DoS attack via a network. We have already fixed the vulnerability in the...
CVE-2025-53414
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-53590
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-48721
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Q...
CVE-2025-54165
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS...
CVE-2025-53589
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-44013
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...
CVE-2025-52863 QTS, QuTS hero
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS...
CVE-2025-47208 QTS, QuTS hero
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same...
PT-2026-1096
Name of the Vulnerable Software and Affected Versions QNAP versions prior to QTS 5.2.8.3332 build 20251128 QNAP versions prior to QuTS hero h5.2.8.3321 build 20251117 Description A path traversal issue exists in QNAP operating systems. A remote attacker with administrator privileges can potential...
PT-2025-51363
Name of the Vulnerable Software and Affected Versions QNAP versions prior to QTS 5.2.7.3297 build 20251024 QNAP versions prior to QuTS hero h5.2.7.3297 build 20251024 QNAP versions prior to QuTS hero h5.3.1.3292 build 20251024 Description An authentication bypass allows unauthorized access to...
Qnap QTS and QuTS hero Command Injection (CVE-2025-30264)
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145...
EUVD-2021-21019
Malware in sbrugna...
EUVD-2017-16637
Malware in sbrugna...