CVE-2026-32926

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!loadlinkinf. Opening a crafted V7 file may lead to information disclosure from the affected product...

CVE-2023-40453

Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide crafted version data, which might potentially trick an administrator into performing an unsafe action via escape sequence injection, or might have a data size that causes a denial of service to a bastio...

Authentication flaw

A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An...

CVE-2017-9553

A design flaw in SYNO.API.Encryption in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter...

Design/Logic Flaw

A design flaw in SYNO.API.Encryption in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter...

PT-2017-19013 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.3-15152 Description: A design flaw in SYNO.API.Encryption allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter. Recommendations: For...