41 matches found
EUVD-2020-22297
Malware in sbrugna...
EUVD-2020-22298
Malware in sbrugna...
EUVD-2020-22296
Malware in sbrugna...
EUVD-2020-22292
Malware in sbrugna...
EUVD-2014-9236
Malware in sbrugna...
CVE-2023-23355
An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote authenticated administrators to execute commands via unspecified vectors. QES is not affected. We have already fixed the vulnerability in the following...
Qnap QES Generation of Error Message Containing Sensitive Information (CVE-2020-2505)
If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...
Qnap QES Cross-site Scripting (CVE-2020-2503)
If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later. This plugin only works with Tenable.ot. Please visit...
Qnap QTS NULL Pointer Dereference (CVE-2023-32970)
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service DoS attack via a network. QES is not affected. We have already fixed the vulnerabilit...
Qnap QES Path Traversal (CVE-2020-2504)
If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Qnap QES Use of Hard-coded Credentials (CVE-2020-2499)
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later. This plugin only works with Tenable.ot...
CVE-2023-34974
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...
CVE-2023-34974 QTS, QuTS hero, QuTScloud, QVR, QES
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...
CVE-2023-23355 QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR
An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote authenticated administrators to execute commands via unspecified vectors. QES is not affected. We have already fixed the vulnerability in the following...
QNAP QES Installed
Binary data qnapqesinstalled.nbin...
QNAP QTS/QES/QuTS hero - Web Detection
Binary data qnapqtsqutsherowebdetect.nbin...
The vulnerability of the QES operating system, related to deficiencies in the mechanism for generating error reports, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the QES operating system is related to deficiencies in the mechanism for generating error reports. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the QES operating system, related to the use of strict password encoding, allows attackers to escalate their privileges and execute arbitrary code.
The vulnerability of the QES operating system is related to the use of fixed password encoding. Exploiting this vulnerability can allow an attacker to increase their privileges and execute arbitrary code...
The vulnerability of the QES operating system, related to the lack of measures taken to protect the structure of web pages, allows attackers to execute cross-site scripting attacks.
The vulnerability of the QES operating system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
QNAP QES Directory Traversal Vulnerability
QNAP QES is a desktop operating system mainly used for managing files by QNAP China. A directory traversal vulnerability exists in QNAP QES, which can be exploited by a remote attacker to submit a special request to obtain sensitive information...