CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2024/02/02 4:3 p.m.•16 views

CVE-2023-41274 QTS, QuTS hero, QuTScloud

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service DoS attack via a network. We have already fixed the vulnerability in the following...

5.5CVSS6.5AI score0.00437EPSS

CVE•added 2024/02/02 4:3 p.m.•41 views

CVE-2023-41274

An authenticated administrator could trigger a NULL pointer dereference in QNAP’s QTS/QuTS software, allowing a network-based DoS. Affected products include QTS, QuTS hero, and QuTScloud; fixed in QTS 5.1.2.2533 build 20230926 and later, QuTS hero h5.1.2.2534 build 20230927 and later, and QuTSclo...

5.5CVSS5.8AI score0.00437EPSS

Exploits0References1Affected Software3

Vulnrichment•added 2024/02/02 4:3 p.m.•18 views

CVE-2023-41273 QTS, QuTS hero, QuTScloud

A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533...

5.5CVSS7.4AI score0.00555EPSS

Cvelist•added 2024/02/02 4:3 p.m.•26 views

CVE-2023-41273 QTS, QuTS hero, QuTScloud

5.5CVSS7.6AI score0.00555EPSS

CVE•added 2024/02/02 4:3 p.m.•49 views

CVE-2023-39297

CVE-2023-39297 is an OS command injection affecting several QNAP OS versions. The root cause is command execution via the network by authenticated users. Impact is high: confidentiality, integrity, and availability are all rated high (CVSS v3.1: 8.8). Affected products include QTS and QuTS Hero/C...

8.8CVSS9.3AI score0.01405EPSS

Exploits0References1Affected Software3

Cvelist•added 2024/02/02 4:2 p.m.•13 views

CVE-2023-32967 QTS, QuTScloud

An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have already fixed the...

5CVSS6.8AI score0.00329EPSS

5.5CVSS6.7AI score0.00437EPSS

QNAP Multiple Products Code Issue Vulnerability

QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating system....

7.2CVSS7.7AI score0.01178EPSS

QNAP Operating System Command Injection Vulnerability in Multiple Products

7.2CVSS7.3AI score0.00547EPSS

QNAP Multiple Product Security Vulnerabilities

CNNVD•added 2024/02/02 12:0 a.m.•4 views

QNAP Multiple Product Path Traversal Vulnerability

5.5CVSS6.5AI score0.00454EPSS

CNNVD•added 2024/02/02 12:0 a.m.•2 views

QNAP Multiple Product Security Vulnerabilities

7.2CVSS7.3AI score0.0058EPSS

7.2CVSS7.7AI score0.01108EPSS

QNAP Operating System Command Injection Vulnerability in Multiple Products

Positive Technologies•added 2024/02/02 12:0 a.m.•2 views

PT-2024-1626 · Qnap · Quts Hero +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.5.2645 build 20240116 QuTS hero versions prior to h5.1.5.2647 build 20240118 QuTScloud versions prior to c5.1.5.2651 Description: An OS command injection issue has been reported, affecting several QNAP operating syst...

8.3CVSS7.2AI score0.01178EPSS

Exploits0References7

Positive Technologies•added 2024/02/02 12:0 a.m.•3 views

PT-2024-1515 · Qnap · Qts +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.4.2596 build 20231128 QTS versions prior to 4.5.4.2627 build 20231225 QuTS hero versions prior to h5.1.4.2596 build 20231128 QuTS hero versions prior to h4.5.4.2626 build 20231225 QuTScloud versions prior to...

9.8CVSS9.4AI score0.01128EPSS

Exploits0References7

CNNVD•added 2024/02/02 12:0 a.m.•4 views

QNAP Multiple Products Operating System Command Injection Vulnerability

QNAP Systems QTS is an operating system used by QNAP Systems, an entry to mid-level QNAP NAS. A security vulnerability exists in multiple QNAP products that stems from an operating system command injection vulnerability. The vulnerability could allow an authenticated administrator to execute...

7.2CVSS7.7AI score0.00968EPSS

Positive Technologies•added 2024/02/02 12:0 a.m.•3 views

PT-2024-1637 · Qnap · Qts +1

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 4.5.4.2627 build 20231225 QuTScloud versions prior to c5.1.5.2651 Description: The issue is related to an incorrect authorization procedure in QNAP operating system versions, which could allow authenticated users to bypa...

6.8CVSS6.2AI score0.00329EPSS

Exploits0References7

8.8CVSS7.8AI score0.00535EPSS

QNAP SQL Injection Vulnerabilities in Multiple Products

Positive Technologies•added 2024/02/02 12:0 a.m.•2 views

PT-2024-1623 · Qnap · Qnap Qts +2

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.5.2645 build 20240116 QNAP QuTS hero versions prior to h5.1.5.2647 build 20240118 QNAP QuTScloud versions prior to c5.1.5.2651 Description: An uncontrolled resource consumption issue has been reported, potential...

6.1CVSS4.9AI score0.00437EPSS

Exploits0References6

8.8CVSS7.7AI score0.01405EPSS

QNAP Operating System Command Injection Vulnerability in Multiple Products