CVE-2022-50695 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x ICMP Flood Attack via Network Commands

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthenticated attackers to send ICMP signals to arbitrary hosts through network command scripts. Attackers can abuse ping.php, traceroute.php, and dns.php to generate network flooding attacks targeting...

EUVD-2024-19514

Malicious code in bioql PyPI...

EUVD-2023-33912

Malicious code in bioql PyPI...

EUVD-2023-55159

Malicious code in bioql PyPI...

CVE-2024-21903

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722...

CVE-2023-2423

A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. Threat actors could exploit this vulnerability by sending an influx of network commands, causing the product to generate an influx of event log traffic at...

CVE-2024-27124

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

Qnap QTS OS Command Injection (CVE-2023-41281)

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596...

CVE-2024-21898

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build...

CVE-2023-34979

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2790...

CVE-2024-21903

CVE-2024-21903 is an OS command injection vulnerability affecting QNAP QTS and QuTS hero. It allows authenticated administrators to execute commands over the network. The root cause details are not provided in the documents beyond the command-injection nature. Benign exploitation details are not ...

CVE-2024-21900

An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and...

QNAP QTS, QuTS hero, QuTScloud OS Command Injection Vulnerability (CVE-2023-47218, QSA-23-57) - Active Check

QNAP QTS, QuTS hero and QuTScloud are prone to an OS command injection vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX...

CVE-2023-39302

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578...

Command injection

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596...

Multiple QNAP Systems Products Operating System Command Injection Vulnerability

QNAP Systems QTS is an operating system used by China Weilian Technology QNAP Systems for entry to mid-level QNAP NAS. The vulnerability stems from the presence of an operating system command injection vulnerability in multiple QNAP products. The vulnerability could allow an authenticated...

QNAP Operating System Command Injection Vulnerability in Multiple Products

QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating system...

CVE-2023-39294

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578...

Memory corruption

Memory corruption while running NPU, when NETWORKUNLOAD and NETWORKUNLOAD or NETWORKEXECUTEV2 commands are submitted at the same time...

CVE-2023-33114

CVE-2023-33114 involves memory corruption in the Neural Processing Unit (NPU) when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted concurrently. According to Qualcomm’s bulletin, this affects Qualcomm components with NPU/Kernal subsystems and is rated High severit...