Lucene search
K

578 matches found

OSV
OSV
added 2024/02/02 4:15 p.m.3 views

CVE-2023-47564

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...

8.1CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2024/02/02 4:15 p.m.19 views

Code injection

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...

5.5CVSS6.8AI score0.01014EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/02 4:5 p.m.12 views

CVE-2023-47564 Qsync Central

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...

8CVSS6.6AI score0.01014EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/02 4:5 p.m.28 views

CVE-2023-47564 Qsync Central

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...

8CVSS8AI score0.01014EPSS
Exploits0References1
CVE
CVE
added 2024/02/02 4:5 p.m.48 views

CVE-2023-47564

CVE-2023-47564 affects Qsync Central, caused by an incorrect permission assignment for a critical resource. If exploited, authenticated users could read or modify the resource over the network. Fixed in Qsync Central 4.4.0.15+ (2024/01/04) and 4.3.0.11+ (2024/01/11+). Remediation: upgrade to 4.4....

8.1CVSS7.7AI score0.01014EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/02/02 12:0 a.m.5 views

QNAP Multiple Product Security Vulnerabilities

QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating system....

8.1CVSS6.7AI score0.01014EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/06 12:0 a.m.6 views

PT-2023-8518 · Qnap · Qsync Central

Name of the Vulnerable Software and Affected Versions: Qsync Central versions prior to 4.3.0.11 Qsync Central versions prior to 4.4.0.15 Description: The issue is related to an incorrect permission assignment for a critical resource in Qsync Central. This could allow an authenticated user to read...

9CVSS7.7AI score0.01014EPSS
Exploits0References6
CNVD
CNVD
added 2018/12/03 12:0 a.m.3 views

QNAP QTS Qsync Central Cross-Site Scripting Vulnerability

QNAP QTS is a Turbo NAS operating system from QNAP Systems that provides file storage, management, backup, multimedia applications and security monitoring. It provides file storage, management, backup, multimedia applications and security monitoring, etc. Qsync Central is one of the cloud-based...

6.1CVSS6AI score0.00772EPSS
Exploits0References1
Prion
Prion
added 2018/11/30 2:29 p.m.14 views

Cross site scripting

Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application...

4.3CVSS6.1AI score0.00772EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/11/30 2:29 p.m.20 views

CVE-2018-0716

Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application...

6.1CVSS6.2AI score0.00772EPSS
Exploits0References1
CVE
CVE
added 2018/11/30 2:0 p.m.51 views

CVE-2018-0716

CVE-2018-0716 is a cross-site scripting vulnerability affecting QNAP QTS components, notably QTS 4.2.6 build 20180711 and QTS 4.3.x series (Qsync Central 3.0.2–3.0.4 and earlier). The underlying issue allows remote attackers to inject JavaScript in the compromised application. The connected docum...

6.1CVSS6.2AI score0.00772EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/11/30 2:0 p.m.20 views

CVE-2018-0716

Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application...

6.2AI score0.00772EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/12 12:0 a.m.4 views

QNAP Qsync for Windows DLL Hijacking Vulnerability

QNAP Qsync for Windows exe is a Windows-based application from QNAP Systems for synchronizing files in a QNAP NAS storage device. A DLL hijacking vulnerability exists in QNAP Qsync for Windows exe versions 4.2.2.0724 and earlier. A remote attacker can exploit this vulnerability to execute arbitra...

9.3CVSS7.9AI score0.02176EPSS
Exploits0References1
NVD
NVD
added 2017/12/11 4:29 p.m.10 views

CVE-2017-13070

A DLL Hijacking vulnerability in QNAP Qsync for Windows exe version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines...

9.3CVSS8AI score0.02176EPSS
Exploits0References1
OSV
OSV
added 2017/12/11 4:29 p.m.2 views

CVE-2017-13070

A DLL Hijacking vulnerability in QNAP Qsync for Windows exe version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines...

7.8CVSS6.2AI score0.02176EPSS
Exploits0References1
Prion
Prion
added 2017/12/11 4:29 p.m.13 views

Spoofing

A DLL Hijacking vulnerability in QNAP Qsync for Windows exe version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines...

9.3CVSS8AI score0.02176EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/12/11 4:0 p.m.47 views

CVE-2017-13070

The provided documents confirm a DLL hijacking vulnerability in QNAP Qsync for Windows (exe) versions 4.2.2.0724 and earlier, where an attacker could remotely execute arbitrary code on Windows machines. Affected component: QNAP Qsync for Windows. Root cause: DLL hijacking vulnerability. Impact: r...

9.3CVSS8AI score0.02176EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/12/11 4:0 p.m.15 views

CVE-2017-13070

A DLL Hijacking vulnerability in QNAP Qsync for Windows exe version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines...

8AI score0.02176EPSS
Exploits0References1
Rows per page
Query Builder