23 matches found
PT-2026-53688
Name of the Vulnerable Software and Affected Versions Synology MailPlus Server versions prior to 4.0.1-31663 Description A critical flaw allows remote attackers to read and write arbitrary files and access internal services, which likely leads to remote code execution RCE, a state where an attack...
EUVD-2018-5244
Malware in sbrugna...
EUVD-2017-7309
Malware in sbrugna...
EUVD-2017-7947
Malware in sbrugna...
Synology MailPlus Server Resource Management Error Vulnerability
Synology MailPlus Server is an email service suite from Synology Inc. of Taiwan, China. The product supports managing user accounts, email records, and more. A resource management error vulnerability exists in Synology MailPlus Server. An attacker can exploit the vulnerability to cause a denial o...
CVE-2018-13296
Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...
Authentication flaw
Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...
CVE-2018-13296
Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...
CVE-2018-13296
Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...
CVE-2018-13296
CVE-2018-13296 affects Synology MailPlus Server; a TLS configuration flaw allows DoS via client-initiated renegotiation in versions before 2.0.5-0606. The issue is documented with CVSS v2/v3 scores (5.0/7.5) and a DoS impact. No exploitation details or fixes are provided in the connected document...
Synology MailPlus Server Cross-Site Scripting Vulnerability
Synology MailPlus Server is a mail server solution for businesses. A cross-site scripting vulnerability exists in the User Policy editor in Synology MailPlus Server. A remote authenticated user can exploit the vulnerability to inject arbitrary HTML via the name parameter...
CVE-2017-16768
Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...
CVE-2017-16768
Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...
CVE-2017-16768
Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...
CVE-2017-16768
CVE-2017-16768 is a cross-site scripting (XSS) vulnerability in the User Policy editor of Synology MailPlus Server prior to version 1.4.0-0415. The issue allows remote authenticated users to inject arbitrary HTML via the name parameter, with impact described as partial integrity impact and low co...
Synology MailPlus Server Disclaimer Cross-Site Scripting Vulnerability
Synology MailPlus Server is an email service suite from Synology. The product supports managing user accounts, email records, etc. Disclaimer is one of the disclaimer modules. A cross-site scripting vulnerability exists in Disclaimer in Synology MailPlus Server versions prior to 1.4.0-0415. A...
CVE-2017-15890
Cross-site scripting XSS vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter...
CVE-2017-15890
Cross-site scripting XSS vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter...