Lucene search
K

15 matches found

NVD
NVD
added 2026/06/10 4:17 a.m.16 views

CVE-2025-66273

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS0.01049EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.13 views

QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have an operating system command injection vulnerability. This vulnerability arises from command injections, whic...

8.6CVSS6AI score0.00988EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.11 views

CVE-2023-45042

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

7.2CVSS7.2AI score0.0064EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/02 12:0 a.m.7 views

PT-2026-1072

Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.7.3256 build 20250913 QNAP QuTS hero h5.2.7 versions prior to 5.2.7.3256 build 20250913 QNAP QuTS hero h5.3.1 versions prior to 5.3.1.3250 build 20250912 Description A NULL pointer dereference issue exists in QNA...

5.1CVSS6.7AI score0.003EPSS
Exploits0References5
NVD
NVD
added 2025/12/16 3:15 a.m.9 views

CVE-2025-62849

An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build 20251024 and...

9.8CVSS0.00919EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 2:25 a.m.4 views

EUVD-2025-203490

An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the following versions: QTS...

8.7CVSS6.6AI score0.00778EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-16742

Malware in sbrugna...

9.8CVSS9.2AI score0.02685EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-22289

Malware in sbrugna...

6.1CVSS6.3AI score0.01011EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-23758

Malware in sbrugna...

6.1CVSS6.3AI score0.00581EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-37194

Malicious code in bioql PyPI...

7.2CVSS6.9AI score0.00547EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/09 4:47 p.m.18 views

CVE-2024-38638

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5.2.x are not affected. We have already fixe...

2.1CVSS7AI score0.00465EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.5 views

PT-2024-9217 · Qnap · Qts +1

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.9.2954 build 20241120 QTS versions prior to 5.2.2.2950 build 20241114 QuTS hero versions prior to h5.1.9.2954 build 20241120 QuTS hero versions prior to h5.2.2.2952 build 20241116 Description: A command injection...

10CVSS8.5AI score0.01319EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/10/13 12:0 a.m.4 views

PT-2023-8837 · Qnap · Quts Hero +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.0.1.2425 build 20230609 QTS versions prior to 5.1.0.2444 build 20230629 QTS versions prior to 4.5.4.2467 build 20230718 QuTS hero h versions prior to h5.0.1.2515 build 20230907 QuTS hero h versions prior to h5.1.0.2424...

8.3CVSS7.3AI score0.00547EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/13 12:0 a.m.4 views

PT-2023-8757 · Qnap · Quts Hero +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.0.2444 build 20230629 QuTS hero versions prior to h5.1.0.2424 build 20230609 QuTScloud versions prior to c5.1.0.2498 Description: A path traversal vulnerability has been reported, which could allow users to read the...

7.8CVSS7.1AI score0.0061EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/12/10 3:45 a.m.30 views

CVE-2020-2498 Cross-site scripting vulnerability in QTS and QuTS hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 bui...

6.3AI score0.00596EPSS
Exploits0References1
Rows per page
Query Builder