10 matches found

CVE
added 2 days ago, 8 views

CVE-2024-47263

CVE-2024-47263 affects Synology Hyper Backup’s Backup.Repository webapi component. The vulnerability is a path traversal in versions prior to 4.1.2-4036 that allows remote authenticated users with administrator privileges to write specific files containing non-sensitive information through unspec...

CVSS 4.1, AI score 5.8, EPSS 0.00036
Exploits: 0, References: 1

OpenVAS
added 2025/12/18 12:0 a.m., 3 views

Synology DiskStation Manager (DSM) File Disclosure Vulnerability (Synology-SA-24:20) - Active Check

Synology DiskStation Manager (DSM) is prone to a file disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...

CVSS 5.3, AI score 6.8, EPSS 0.02935
Exploits: 0, References: 3

RedhatCVE
added 2025/12/05 2:27 p.m., 2 views

CVE-2024-5401

Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager DSM before 7.1.1-42962-8 and 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote authenticated users to obtain privileges witho...

CVSS 8.8, AI score 7, EPSS 0.00054
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2024-26241

Malicious code in bioql PyPI...

CVSS 5.4, AI score 6.6, EPSS 0.00249
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2022-32122

Malicious code in bioql PyPI...

CVSS 5.5, AI score 5, EPSS 0.00175
Exploits: 0, References: 1

OSV
added 2024/03/28 7:16 a.m., 0 views

CVE-2024-29237

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to read database containing non-sensitive information and...

CVSS 5.4, AI score 5.8, EPSS 0.00249
Exploits: 0, References: 1

OSV
added 2022/08/03 2:15 a.m., 0 views

CVE-2022-27616

Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in webapi component in Synology DiskStation Manager DSM before 7.0.1-42218-3 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

CVSS 7.2, AI score 6
Exploits: 0, References: 1

NCSC
added 2022/08/03 12:0 a.m., 1 views

Vulnerabilities fixed in Synology products

Synology has fixed vulnerabilities in multiple products. The vulnerabilities allow a malicious party to launch attacks leading to the following categories of damage: manipulation of data; remote code execution; application rights; access to sensitive data. Synology rated the vulnerability with attribute...

CVSS 7.2, AI score 8, EPSS 0.01623
Exploits: 0

OSV
added 2022/07/28 7:15 a.m., 1 views

CVE-2022-22685

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to delete arbitrary files via unspecified vectors...

CVSS 8.1, AI score 5.9
Exploits: 0, References: 1

Prion
added 2021/06/23 10:15 a.m., 13 views

Information disclosure

Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows remote attackers to obtain sensitive information via unspecified vectors...

CVSS 5, AI score 7.2, EPSS 0.00361
Exploits: 0, References: 1, Affected Software: 2