Lucene search
K

11 matches found

NCSC
NCSC
added 2026/04/10 12:11 p.m.8 views

Vulnerabilities fixed in Synology SSL VPN Client

Synology has fixed vulnerabilities in Synology SSL VPN Client. A malicious party can exploit these vulnerabilities because Synology SSL VPN Client with version before 1.4.5-0684 stores PINs insecurely and does not adequately shield files via a local HTTP server component. This can lead to...

8.1CVSS5.8AI score0.00322EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-20537

Malware in sbrugna...

8.1CVSS7.8AI score0.00753EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-5231

Malware in sbrugna...

8.8CVSS8.2AI score0.01384EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-58034

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:32 a.m.10 views

CVE-2023-5748

Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors...

5.5CVSS6.7AI score0.00194EPSS
Exploits0
CNNVD
CNNVD
added 2023/11/06 12:0 a.m.7 views

Synology SSL VPN Client Security Vulnerability

Synology SSL VPN Client is a VPN client software for secure connection to Synology NAS from China-based Synology Inc. A security vulnerability exists in Synology SSL VPN Client prior to version 1.4.7-0687, which stems from a buffer replication in the cgi component that does not check the input...

5.5CVSS6.6AI score0.00194EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.6 views

PT-2023-32302 · Synology · Synology Ssl Vpn Client

Name of the Vulnerable Software and Affected Versions: Synology SSL VPN Client versions prior to 1.4.7-0687 Description: The issue is related to a buffer copy without checking the size of the input, which is a 'Classic Buffer Overflow' vulnerability in the cgi component. This allows local users t...

5.5CVSS5.3AI score0.00194EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/04/01 2:25 p.m.18 views

CVE-2018-13283

Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the 1 command, 2 hostname, or 3 port parameter...

8.8CVSS8.6AI score0.01384EPSS
Exploits0References1
NVD
NVD
added 2018/07/06 12:29 p.m.18 views

CVE-2018-8929

Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload...

8.1CVSS7.3AI score0.00753EPSS
Exploits0References1
OSV
OSV
added 2018/07/06 12:29 p.m.3 views

CVE-2018-8929

Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload...

8.1CVSS5.8AI score0.00753EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/07/06 12:0 p.m.24 views

CVE-2018-8929

Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload...

7.3CVSS7.9AI score0.00753EPSS
Exploits0References1
Rows per page
Query Builder