CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/02/11 12:0 a.m.•5 views

PT-2026-7542

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A buffer overflow issue exists in Qsync Central. A remote attacker who obtains a user account can exploit this to alter memory or cause processes to crash. Recommendations Update to Qsync...

8.1CVSS5.8AI score0.00378EPSS

Positive Technologies•added 2026/02/11 12:0 a.m.•3 views

PT-2026-7540

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...

8.1CVSS5.8AI score0.00299EPSS

ATTACKERKB•added 2026/02/10 7:28 p.m.•2 views

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

7CVSS6.2AI score0.00153EPSS

Exploits0References4

EUVD•added 2026/01/26 10:6 a.m.•4 views

EUVD-2025-206374

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

7CVSS5.9AI score0.00097EPSS

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53407)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...

6.5CVSS5.4AI score0.00331EPSS

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-48730)

6.5CVSS5.4AI score0.00409EPSS

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

Qnap QTS and QuTS hero Double Free (CVE-2024-53698)

A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 bui...

4.9CVSS5.3AI score0.00359EPSS

Tenable Nessus•added 2026/01/16 12:0 a.m.•4 views

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53406)

6.5CVSS5.4AI score0.00331EPSS

Tenable Nessus•added 2026/01/16 12:0 a.m.•4 views

Qnap QTS and QuTS hero Out-of-bounds Write (CVE-2024-38638)

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5.2.x are not affected. We have already fixe...

7.2CVSS5.4AI score0.00465EPSS

RedhatCVE•added 2026/01/09 10:0 a.m.•8 views

CVE-2020-7457

In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV62292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory...

8.1CVSS6.9AI score0.32978EPSS

Exploits4References1

RedhatCVE•added 2026/01/03 3:54 p.m.•8 views

CVE-2025-62852

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Q...

6.5CVSS7.3AI score0.00304EPSS

RedhatCVE•added 2026/01/03 3:54 p.m.•2 views

CVE-2025-53597

A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: License Center 2.0.36 and...

6.5CVSS7.3AI score0.00568EPSS

RedhatCVE•added 2026/01/03 3:7 p.m.•10 views

CVE-2025-52864

8.1CVSS7.3AI score0.00299EPSS

RedhatCVE•added 2026/01/03 3:7 p.m.•14 views

CVE-2025-53591

6.5CVSS6.8AI score0.00285EPSS