3 matches found
CVE-2025-62848
CVE-2025-62848 is a NULL pointer dereference vulnerability reported affecting multiple QNAP platforms (QTS and QuTS hero). The issue allows remote attackers to trigger a denial-of-service via network access, as described in vendor notes. Affected versions have been patched in QTS 5.2.7.3297 build...
Qnap QTS and QuTS hero Buffer Copy without Checking Size of Input (CVE-2024-37041)
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the followin...
CVE-2020-15128
In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took advantage of other theoretical vulnerabilities in user facing code nothing exploitable in the core project itself had a...