CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

89 matches found

NVD•added 2026/06/10 4:17 a.m.•10 views

CVE-2025-66273

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS0.00988EPSS

Exploits0References1

CNNVD•added 2026/06/10 12:0 a.m.•12 views

QNAP Systems QTS和QNAP Systems QuTS hero 安全漏洞

QNAP Systems QTS and QNAP Systems QuTS are both products of QNAP Systems Corporation. QNAP Systems QTS is an entry-level operating system. QNAP Systems QuTS hero is a software with data storage and management capabilities. Both QNAP Systems QTS and QNAP Systems QuTS hero have security...

7.2CVSS5.5AI score0.00331EPSS

Exploits0References2

Positive Technologies•added 2026/03/11 12:0 a.m.•3 views

PT-2026-24596

🚨 CVE-2024-14026 A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the...

7.8CVSS6AI score0.00624EPSS

Exploits0References8

Tenable Nessus•added 2026/01/20 12:0 a.m.•1 views

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53414)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS5.5AI score0.003EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 12:34 p.m.•10 views

CVE-2023-45042

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

7.2CVSS7.2AI score0.0064EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:1 p.m.•5 views

CVE-2018-19949

If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build...

9.8CVSS7.5AI score0.24449EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:55 a.m.•5 views

CVE-2018-19943

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later Q...

8CVSS6.2AI score0.17705EPSS

Exploits0References1

RedhatCVE•added 2026/01/03 3:7 p.m.•9 views

CVE-2025-53592

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...

6.5CVSS6.8AI score0.00286EPSS

Exploits0References1

NVD•added 2026/01/02 3:16 p.m.•6 views

CVE-2025-54165

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS...

6.9CVSS0.00286EPSS

Exploits0References1

Positive Technologies•added 2026/01/02 12:0 a.m.•3 views

PT-2026-1072

Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.7.3256 build 20250913 QNAP QuTS hero h5.2.7 versions prior to 5.2.7.3256 build 20250913 QNAP QuTS hero h5.3.1 versions prior to 5.3.1.3250 build 20250912 Description A NULL pointer dereference issue exists in QNA...

5.1CVSS6.7AI score0.003EPSS

Exploits0References5

NVD•added 2025/12/16 3:15 a.m.•5 views

CVE-2025-62849

An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build 20251024 and...

9.8CVSS0.00919EPSS

Exploits0References1

EUVD•added 2025/12/16 2:25 a.m.•3 views

EUVD-2025-203490

An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the following versions: QTS...

8.7CVSS6.6AI score0.00778EPSS

Exploits0References2

Positive Technologies•added 2025/11/08 12:0 a.m.•4 views

PT-2025-46142

Name of the Vulnerable Software and Affected Versions QNAP HBS 3 Hybrid Backup Sync versions prior to 26.2.0.938 Description A flaw exists in QNAP HBS 3 Hybrid Backup Sync related to incorrect path restriction for an access-limited directory. Successful exploitation by a remote attacker could lea...

7.8CVSS7.3AI score0.00203EPSS

Exploits0References11

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-22289

Malware in sbrugna...

6.1CVSS6.3AI score0.01011EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-23758

Malware in sbrugna...

6.1CVSS6.3AI score0.00581EPSS

Exploits0References2