EUVD-2023-43029

Malicious code in bioql PyPI...

Maladies fixed in Qnap QTS and QuTS Hero

QNAP has fixed vulnerabilities in QTS and QuTS Hero. A malicious party can exploit the vulnerabilities to execute arbitrary code execute arbitrary code on the system. QNAP has released updates to fix the vulnerabilities in QTS and QuTS Hero. For more information, see:...

CVE-2023-23369 QTS, Multimedia Console, and Media Streaming add-on

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: Multimedia Console 2.1.2 2023/05/04 and...

PT-2023-4610 · Qnap · Qts +1

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.0.1.2425 build 20230609 QTS versions prior to 5.1.0.2444 build 20230629 QTS versions prior to 4.5.4.2467 build 20230718 QuTS hero h5.1.0 versions prior to 2424 build 20230609 QuTS hero h4.5.4 versions prior to 2476 bui...

A week in security (April 25 – May 1)

Last week on Malwarebytes Labs: Why MITRE matters to SMBs Apple’s child safety features are coming to a Messages app near you Why software has so many vulnerabilities, with Tanya Janca: Lock and Code S03E09 Watch out for this SMS phish promising a tax refund Rogue ads phishing for cryptocurrency:...

Multiple security vulnerabilities in QNAP Qualcomm components

QNAP is a Turbo NAS operating system developed by QNAP Systems. The QNAP QTAP Qualcomm component has multiple security vulnerabilities, including command injection and information leakage vulnerabilities. An attacker can exploit the vulnerabilities to execute arbitrary code, bypass security...