18 matches found
EUVD-2024-54100
Malicious code in bioql PyPI...
EUVD-2024-54101
Malicious code in bioql PyPI...
The vulnerability of the webapi component of the cloud software for file storage, synchronization, and sharing with Synology Drive Server allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the webapi component of the cloud software for file storage, synchronization, and sharing with Synology Drive Server is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthoriz...
CVE-2024-50631
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...
CVE-2024-50630
Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obtain administrator credentials via unspecified vectors...
CVE-2024-50631
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...
CVE-2024-50630
Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obtain administrator credentials via unspecified vectors...
CVE-2024-50631
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...
CVE-2024-50631
CVE-2024-50631 affects Synology Drive Server; the system syncing daemon is vulnerable to SQL injection due to improper neutralization of special elements in SQL commands. Versions affected include before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102. The vulnerability can allow remote att...
CVE-2024-50631
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...
CVE-2024-50631
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...
CVE-2024-50630
Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obtain administrator credentials via unspecified vectors...
CVE-2024-50630
Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obtain administrator credentials via unspecified vectors...
CVE-2024-50630
Synology Drive Server’s webapi component has a missing authentication issue that allows remote attackers to obtain administrator credentials. Affected versions are before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102. The vulnerability is defined as a missing-authentication for a critical...
PT-2025-11663
Name of the Vulnerable Software and Affected Versions Synology Drive Server versions prior to 3.0.4-12699 Synology Drive Server versions prior to 3.2.1-23280 Synology Drive Server versions prior to 3.5.0-26085 Synology Drive Server versions prior to 3.5.1-26102 Description The issue is related to...
Synology Drive Server SQL注入漏洞
Synology Drive Server is a collaborative office suite from China-based Synology. The product includes document management, collaborative office and file synchronization and backup features. A SQL injection vulnerability exists in Synology Drive Server versions prior to 3.0.4-12699, prior to...
Synology Drive Server 访问控制错误漏洞
Synology Drive Server is a collaborative office suite from Synology China. The product includes document management, collaborative office and file synchronization and backup features. An access control error vulnerability exists in Synology Drive Server versions prior to 3.0.4-12699, prior to...
PT-2025-11662
Name of the Vulnerable Software and Affected Versions Synology Drive Server versions prior to 3.0.4-12699 Synology Drive Server versions prior to 3.2.1-23280 Synology Drive Server versions prior to 3.5.0-26085 Synology Drive Server versions prior to 3.5.1-26102 Description The issue is related to...