CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

Talos•added 2021/04/19 12:0 a.m.•178 views

Synology DSM synoagentregisterd server finder out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the synoagentregisterd server finder functionality of Synology DSM 6.2.3 25426 DS120j. A specially crafted HTTP response can lead to remote code execution. An attacker can use man-in-the-middle techniques to trigger this vulnerability. Tested...

8.7AI score

Exploits0

CNVD•added 2021/03/01 12:0 a.m.•5 views

Synology DiskStation Manager Out-of-Bounds Write Vulnerability

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. An out-of-bounds write vulnerability exists in synoagentregisterd in Synology...

9CVSS7.5AI score0.01388EPSS

Exploits1References1

OSV•added 2021/02/26 10:15 p.m.•2 views

CVE-2021-26563

Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager DSM before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors...

6.7CVSS6.1AI score0.00117EPSS

Exploits1References2

OSV•added 2021/02/26 10:15 p.m.•0 views

CVE-2021-26562

Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via synofindersite HTTP header...

8.1CVSS6.1AI score

Exploits0References2

NVD•added 2021/02/26 10:15 p.m.•12 views

CVE-2021-26563

Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager DSM before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors...

8.2CVSS0.00117EPSS

Exploits1References2

OSV•added 2021/02/26 10:15 p.m.•0 views

CVE-2021-26561

Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via synofindersite HTTP header...

8.1CVSS7.8AI score0.02341EPSS

Exploits1References2

OSV•added 2021/02/26 10:15 p.m.•1 views

CVE-2021-26560

Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session...

7.4CVSS7.2AI score

Exploits0References2

CVE•added 2021/02/26 9:45 p.m.•95 views

CVE-2021-26563

CVE-2021-26563 affects Synology DiskStation Manager (DSM) with the synoagentregisterd component, prior to DSM 6.2.4-25553. The root cause is an incorrect/improper access control that allows local users to execute arbitrary code via unspecified vectors, potentially enabling root access. In TALOS-2...

8.2CVSS7AI score0.00117EPSS

Exploits1References2Affected Software1

CVE•added 2021/02/26 9:45 p.m.•80 views

CVE-2021-26560

CVE-2021-26560 affects Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 via the synoagentregisterd service. The issue involves cleartext HTTP transmission during server discovery (the /finder/server response and subsequent domain parsing), enabling MITM disclosure and server spoofing. TA...

9CVSS7.7AI score0.00164EPSS

Exploits1References2Affected Software1

CNNVD•added 2021/02/26 12:0 a.m.•3 views

Synology DiskStation Manager 安全漏洞

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A sensitive information clear text transfer vulnerability exists in...

9CVSS7.2AI score0.00164EPSS

Exploits1References5

Positive Technologies•added 2021/02/26 12:0 a.m.•3 views

PT-2021-17038 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.2.3-25426-3 Description: The issue concerns the cleartext transmission of sensitive information in the synoagentregisterd component, allowing man-in-the-middle attackers to spoof servers vi...

9CVSS8.5AI score0.00164EPSS

Exploits1References5

CNNVD•added 2021/02/26 12:0 a.m.•2 views

Synology DiskStation Manager 访问控制错误漏洞

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. An improper access control vulnerability exists in synoagentregisterd in...

8.2CVSS6.6AI score0.00117EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by