Lucene search
+L

35 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:32 a.m.13 views

CVE-2024-39350

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC50...

7.5CVSS7AI score0.00668EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54109

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00712EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-51897

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.01464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:15 a.m.6 views

CVE-2024-5463

A vulnerability regarding buffer copy without checking the size of input 'Classic Buffer Overflow' has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors...

6.5CVSS6.6AI score0.00407EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:12 a.m.12 views

CVE-2023-47803

A vulnerability regarding improper limitation of a pathname to a restricted directory 'Path Traversal' is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with...

5.3CVSS6.7AI score0.0072EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/21 2:16 a.m.7 views

CVE-2024-11131

A vulnerability regarding out-of-bounds read is found in the video interface. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.2.0-0525 may be affected: BC500, CC400W and TC500...

9.8CVSS8AI score0.00712EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/19 2:15 a.m.10 views

CVE-2024-11131

A vulnerability regarding out-of-bounds read is found in the video interface. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.2.0-0525 may be affected: BC500, CC400W and TC500...

9.8CVSS8.2AI score0.00712EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.6 views

Synology Camera Firmware 缓冲区错误漏洞

Synology Camera Firmware is a webcam firmware from Synology China. A buffer error vulnerability exists in Synology Camera Firmware versions prior to 1.2.0-0525, which stems from an out-of-bounds read in the video interface, which could lead to the execution of arbitrary code by a remote attacker...

9.8CVSS7.3AI score0.00712EPSS
Exploits0References1
NVD
NVD
added 2024/06/28 7:15 a.m.23 views

CVE-2024-39350

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC50...

7.5CVSS0.00668EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/28 6:55 a.m.21 views

CVE-2024-39350

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC50...

7.5CVSS7AI score0.00668EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/28 6:55 a.m.38 views

CVE-2024-39350

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC50...

7.5CVSS0.00668EPSS
Exploits0References1
CVE
CVE
added 2024/06/28 6:55 a.m.61 views

CVE-2024-39350

CVE-2024-39350 affects Synology Camera Firmware BC500 and TC500 with versions prior to 1.0.7-0298. The Red Hat/NVD/ZDI entries describe an authentication bypass in the RTSP functionality via spoofing that can allow a man-in-the-middle to obtain privileges without user consent. The impact is descr...

7.5CVSS7AI score0.00668EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/06/28 6:15 a.m.24 views

CVE-2024-39349

A vulnerability regarding buffer copy without checking size of input 'Classic Buffer Overflow' is found in the libjansson component and it does not affect the upstream library. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camer...

9.8CVSS0.01444EPSS
Exploits0References1
NVD
NVD
added 2024/06/28 6:15 a.m.22 views

CVE-2024-39351

A vulnerability regarding improper neutralization of special elements used in an OS command 'OS Command Injection' is found in the NTP configuration. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models wi...

7.2CVSS0.01547EPSS
Exploits0References1
NVD
NVD
added 2024/06/28 6:15 a.m.16 views

CVE-2023-47803

A vulnerability regarding improper limitation of a pathname to a restricted directory 'Path Traversal' is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with...

5.3CVSS0.0072EPSS
Exploits0References1
NVD
NVD
added 2024/06/28 6:15 a.m.26 views

CVE-2023-47802

A vulnerability regarding improper neutralization of special elements used in an OS command 'OS Command Injection' is found in the IP block functionality. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following mode...

7.2CVSS0.01464EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/28 6:7 a.m.24 views

CVE-2024-39352

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models with Synology Camera Firmware versions before...

4.9CVSS0.00867EPSS
Exploits0References1
CVE
CVE
added 2024/06/28 6:7 a.m.68 views

CVE-2024-39352

Synology CVE-2024-39352 concerns an incorrect authorization flaw in the Synology Camera Firmware upgrade functionality. Affected models are BC500 and TC500 with firmware versions before 1.0.7-0298. The issue allows remote authenticated users with administrator privileges to bypass the firmware in...

4.9CVSS4.8AI score0.00867EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/06/28 6:7 a.m.62 views

CVE-2024-39351

CVE-2024-39351 affects Synology Camera Firmware BC500 and TC500 prior to 1.0.7-0298. It is an OS Command Injection in the NTP configuration, caused by improper neutralization of special elements used in OS commands. The impact: remote authenticated users with administrator privileges can execute ...

7.2CVSS7.8AI score0.01547EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/28 6:7 a.m.23 views

CVE-2024-39351

A vulnerability regarding improper neutralization of special elements used in an OS command 'OS Command Injection' is found in the NTP configuration. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models wi...

7.2CVSS7.3AI score0.01547EPSS
Exploits0References1
Rows per page
Query Builder