Lucene search
K

23 matches found

Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-53688

Name of the Vulnerable Software and Affected Versions Synology MailPlus Server versions prior to 4.0.1-31663 Description A critical flaw allows remote attackers to read and write arbitrary files and access internal services, which likely leads to remote code execution RCE, a state where an attack...

6.6AI score
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-5244

Malware in sbrugna...

7.5CVSS7.6AI score0.01762EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-7309

Malware in sbrugna...

4.8CVSS5.1AI score0.00774EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-7947

Malware in sbrugna...

4.8CVSS5.1AI score0.00992EPSS
Exploits0References2
CNVD
CNVD
added 2019/04/03 12:0 a.m.3 views

Synology MailPlus Server Resource Management Error Vulnerability

Synology MailPlus Server is an email service suite from Synology Inc. of Taiwan, China. The product supports managing user accounts, email records, and more. A resource management error vulnerability exists in Synology MailPlus Server. An attacker can exploit the vulnerability to cause a denial o...

7.5CVSS6.7AI score0.01762EPSS
Exploits0References1
NVD
NVD
added 2019/04/01 3:29 p.m.18 views

CVE-2018-13296

Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...

7.5CVSS7.5AI score0.01762EPSS
Exploits0References1
Prion
Prion
added 2019/04/01 3:29 p.m.15 views

Authentication flaw

Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...

5CVSS7.5AI score0.01762EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/04/01 3:29 p.m.4 views

CVE-2018-13296

Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...

7.5CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2019/04/01 2:29 p.m.21 views

CVE-2018-13296

Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...

7.5CVSS7.5AI score0.01762EPSS
Exploits0References1
CVE
CVE
added 2019/04/01 2:29 p.m.49 views

CVE-2018-13296

CVE-2018-13296 affects Synology MailPlus Server; a TLS configuration flaw allows DoS via client-initiated renegotiation in versions before 2.0.5-0606. The issue is documented with CVSS v2/v3 scores (5.0/7.5) and a DoS impact. No exploitation details or fixes are provided in the connected document...

7.5CVSS7.5AI score0.01762EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/12/28 12:0 a.m.2 views

Synology MailPlus Server Cross-Site Scripting Vulnerability

Synology MailPlus Server is a mail server solution for businesses. A cross-site scripting vulnerability exists in the User Policy editor in Synology MailPlus Server. A remote authenticated user can exploit the vulnerability to inject arbitrary HTML via the name parameter...

4.8CVSS6AI score0.00992EPSS
Exploits0References1
NVD
NVD
added 2017/12/27 5:29 p.m.18 views

CVE-2017-16768

Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...

4.8CVSS4.8AI score0.00992EPSS
Exploits0References1
Prion
Prion
added 2017/12/27 5:29 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...

3.5CVSS4.7AI score0.00992EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/12/27 5:29 p.m.4 views

CVE-2017-16768

Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...

4.8CVSS5.9AI score0.00992EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/12/27 5:0 p.m.22 views

CVE-2017-16768

Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...

4.8AI score0.00992EPSS
Exploits0References1
CVE
CVE
added 2017/12/27 5:0 p.m.45 views

CVE-2017-16768

CVE-2017-16768 is a cross-site scripting (XSS) vulnerability in the User Policy editor of Synology MailPlus Server prior to version 1.4.0-0415. The issue allows remote authenticated users to inject arbitrary HTML via the name parameter, with impact described as partial integrity impact and low co...

4.8CVSS4.7AI score0.00992EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/12/19 12:0 a.m.3 views

Synology MailPlus Server Disclaimer Cross-Site Scripting Vulnerability

Synology MailPlus Server is an email service suite from Synology. The product supports managing user accounts, email records, etc. Disclaimer is one of the disclaimer modules. A cross-site scripting vulnerability exists in Disclaimer in Synology MailPlus Server versions prior to 1.4.0-0415. A...

4.8CVSS5.9AI score0.00774EPSS
Exploits0References1
OSV
OSV
added 2017/12/15 3:29 p.m.3 views

CVE-2017-15890

Cross-site scripting XSS vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter...

4.8CVSS5.9AI score0.00774EPSS
Exploits0References1
Prion
Prion
added 2017/12/15 3:29 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter...

3.5CVSS4.7AI score0.00774EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/12/15 3:29 p.m.14 views

CVE-2017-15890

Cross-site scripting XSS vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter...

4.8CVSS4.8AI score0.00774EPSS
Exploits0References1
Rows per page
Query Builder