Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-54100

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.24866EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-54101

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.22718EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.7 views

The vulnerability of the webapi component of the cloud software for file storage, synchronization, and sharing with Synology Drive Server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the webapi component of the cloud software for file storage, synchronization, and sharing with Synology Drive Server is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthoriz...

7.8CVSS7.2AI score0.22718EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/21 6:19 a.m.10 views

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

7.5CVSS8.2AI score0.24866EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/21 6:19 a.m.6 views

CVE-2024-50630

Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obtain administrator credentials via unspecified vectors...

7.5CVSS7.6AI score0.22718EPSS
Exploits0References1
OSV
OSV
added 2025/03/19 6:15 a.m.7 views

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

7.5CVSS5.9AI score0.24866EPSS
Exploits0References1
NVD
NVD
added 2025/03/19 6:15 a.m.5 views

CVE-2024-50630

Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obtain administrator credentials via unspecified vectors...

7.5CVSS0.22718EPSS
Exploits0References1
NVD
NVD
added 2025/03/19 6:15 a.m.4 views

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

7.5CVSS0.24866EPSS
Exploits0References1
CVE
CVE
added 2025/03/19 5:50 a.m.47 views

CVE-2024-50631

CVE-2024-50631 affects Synology Drive Server; the system syncing daemon is vulnerable to SQL injection due to improper neutralization of special elements in SQL commands. Versions affected include before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102. The vulnerability can allow remote att...

7.5CVSS7.8AI score0.24866EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/03/19 5:50 a.m.14 views

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

7.5CVSS0.24866EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/19 5:50 a.m.6 views

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

7.5CVSS8AI score0.24866EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/19 5:50 a.m.13 views

CVE-2024-50630

Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obtain administrator credentials via unspecified vectors...

7.5CVSS0.22718EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/19 5:50 a.m.6 views

CVE-2024-50630

Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obtain administrator credentials via unspecified vectors...

7.5CVSS7.4AI score0.22718EPSS
Exploits0References1
CVE
CVE
added 2025/03/19 5:50 a.m.47 views

CVE-2024-50630

Synology Drive Server’s webapi component has a missing authentication issue that allows remote attackers to obtain administrator credentials. Affected versions are before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102. The vulnerability is defined as a missing-authentication for a critical...

7.5CVSS7.3AI score0.22718EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.5 views

PT-2025-11663

Name of the Vulnerable Software and Affected Versions Synology Drive Server versions prior to 3.0.4-12699 Synology Drive Server versions prior to 3.2.1-23280 Synology Drive Server versions prior to 3.5.0-26085 Synology Drive Server versions prior to 3.5.1-26102 Description The issue is related to...

7.5CVSS7.2AI score0.24866EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Synology Drive Server SQL注入漏洞

Synology Drive Server is a collaborative office suite from China-based Synology. The product includes document management, collaborative office and file synchronization and backup features. A SQL injection vulnerability exists in Synology Drive Server versions prior to 3.0.4-12699, prior to...

7.5CVSS7.8AI score0.24866EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Synology Drive Server 访问控制错误漏洞

Synology Drive Server is a collaborative office suite from Synology China. The product includes document management, collaborative office and file synchronization and backup features. An access control error vulnerability exists in Synology Drive Server versions prior to 3.0.4-12699, prior to...

7.5CVSS6.8AI score0.22718EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.7 views

PT-2025-11662

Name of the Vulnerable Software and Affected Versions Synology Drive Server versions prior to 3.0.4-12699 Synology Drive Server versions prior to 3.2.1-23280 Synology Drive Server versions prior to 3.5.0-26085 Synology Drive Server versions prior to 3.5.1-26102 Description The issue is related to...

7.8CVSS7AI score0.22718EPSS
Exploits0References15
Rows per page
Query Builder