Qnap QTS and QuTS hero Improper Neutralization of Special Elements used in an OS Command (CVE-2024-50393)

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and...

EUVD-2025-31740

Malicious code in bioql PyPI...

CVE-2024-55542

Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 Linux, macOS, Windows before build 39169, Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 35895...

CVE-2023-32973 QTS, QuTS hero, QuTScloud

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

Rocket Software UniData 和 UniVerse 缓冲区错误漏洞

Rocket Software UniVerse and Rocket Software UniData are both products of Rocket Software, Inc. Rocket Software UniVerse is a suite of database management and support software now owned by Rocket Software. Software UniData is a MultiValue application platform. Rocket Software UniData is a...

CVE-2015-7996

The Nitro API in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM SVM devices allow attackers to obtain credentials via the browser cach...