Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

323 matches found

NVD
NVDadded 2024/02/02 4:15 p.m.7 views

CVE-2023-32967

An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have already fixed the...

6.5CVSS5.3AI score0.00329EPSS
Exploits0References1
NVD
NVDadded 2024/02/02 4:15 p.m.22 views

CVE-2023-39297

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build...

8.8CVSS8.9AI score0.01405EPSS
Exploits0References1
Prion
Prionadded 2024/02/02 4:15 p.m.18 views

Authorization

An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have already fixed the...

4CVSS6.9AI score0.00329EPSS
Exploits0References1Affected Software2
Prion
Prionadded 2024/02/02 4:15 p.m.20 views

Null pointer dereference

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service DoS attack via a network. We have already fixed the vulnerability in the following...

3.3CVSS6.9AI score0.00437EPSS
Exploits0References1Affected Software3
Prion
Prionadded 2024/02/02 4:15 p.m.17 views

Sql injection

A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 2024011...

6.5CVSS8AI score0.00535EPSS
Exploits0References1Affected Software3
Prion
Prionadded 2024/02/02 4:15 p.m.14 views

Command injection

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596...

5.8CVSS7.9AI score0.00968EPSS
Exploits0References1Affected Software3
Prion
Prionadded 2024/02/02 4:15 p.m.16 views

Input validation

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

5.8CVSS7.5AI score0.00547EPSS
Exploits0References1Affected Software3
Prion
Prionadded 2024/02/02 4:15 p.m.15 views

Denial of service

An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service DoS attack via a network. We have already fixed the vulnerability in the...

3.3CVSS6.9AI score0.00437EPSS
Exploits0References1Affected Software3
Prion
Prionadded 2024/02/02 4:15 p.m.15 views

Input validation

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

5.8CVSS7.5AI score0.0058EPSS
Exploits0References1Affected Software3
Prion
Prionadded 2024/02/02 4:15 p.m.14 views

Input validation

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

5.8CVSS7.5AI score0.0058EPSS
Exploits0References1Affected Software3
Prion
Prionadded 2024/02/02 4:15 p.m.16 views

Path traversal

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in...

3.3CVSS6.6AI score0.00454EPSS
Exploits0References1Affected Software3
Cvelist
Cvelistadded 2024/02/02 4:6 p.m.15 views

CVE-2023-47568 QTS, QuTS hero, QuTScloud

A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 2024011...

8.8CVSS9AI score0.00535EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/02/02 4:6 p.m.12 views

CVE-2023-47567 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645...

4.7CVSS7.5AI score0.01108EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/02/02 4:6 p.m.28 views

CVE-2023-47567 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645...

4.7CVSS8.3AI score0.01108EPSS
Exploits0References1
CVE
CVEadded 2024/02/02 4:6 p.m.62 views

CVE-2023-47567

CVE-2023-47567 is an OS command injection affecting multiple QNAP OS lines. The vulnerability could allow authenticated administrators to execute commands over the network. Public artifacts list fixes in specific releases: QTS 5.1.5.2645 build 20240116 and later; QTS 4.5.4.2627 build 20231225 and...

7.2CVSS8AI score0.01108EPSS
Exploits0References1Affected Software3
Cvelist
Cvelistadded 2024/02/02 4:5 p.m.15 views

CVE-2023-47566 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645...

6.7CVSS7.7AI score0.01178EPSS
Exploits0References1
CVE
CVEadded 2024/02/02 4:5 p.m.40 views

CVE-2023-45036

CVE-2023-45036 affects QNAP QTS/QTS Hero/QuTScloud. A buffer copy without checking input size could allow an authenticated administrator to execute code over the network. Remediations are in place: QTS 5.1.3.2578/build 20231110 and later; QuTS hero h5.1.3.2578/build 20231110 and later; QuTScloud ...

7.2CVSS7.2AI score0.0058EPSS
Exploits0References1Affected Software3
CVE
CVEadded 2024/02/02 4:5 p.m.51 views

CVE-2023-45028

CVE-2023-45028 is an reported uncontrolled resource consumption vulnerability affecting multiple QNAP OS families (QTS, QuTS hero, QuTScloud). The issue allows authenticated administrators to trigger a network-based denial-of-service (DoS). Affected versions are fixed in QTS 5.1.5.2645/build 2024...

5.5CVSS4.9AI score0.00437EPSS
Exploits0References1Affected Software3
CVE
CVEadded 2024/02/02 4:5 p.m.51 views

CVE-2023-45027

CVE-2023-45027 is a path-traversal vulnerability affecting multiple QNAP OS lines: QTS, QuTS hero, and QuTScloud. The issue could allow an authenticated administrator to read contents of unexpected files and exfiltrate sensitive data over the network. Fixes are available in: QTS 5.1.5.2645 build ...

5.5CVSS5.6AI score0.00481EPSS
Exploits0References1Affected Software3
Vulnrichment
Vulnrichmentadded 2024/02/02 4:5 p.m.1 views

CVE-2023-45025 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later...

9CVSS8AI score0.01128EPSS
Exploits0References1
Rows per page
Query Builder