10 matches found
CVE-2026-22899 File Station 5
A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...
CVE-2024-14026 QTS, QuTS hero
A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in th...
CVE-2025-29886
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...
CVE-2025-30260 Qsync Central
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...
CVE-2024-12923
A cross-site scripting XSS vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo...
CVE-2025-47206
An out-of-bounds write vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later...
CVE-2025-53106
Graylog grant path vulnerability affects versions 6.2.0–6.2.4 and 6.3.0-alpha.1–6.3.0-rc.2. A weak permission check in the REST API token creation process lets a user with an account issue crafted requests to create API tokens for high-privilege users (including local Administrator), enabling pri...
CVE-2025-30279
An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: File Station ...
Coppermine Photo Gallery <= 1.4.3 Remote Commands Execution Exploit
No description provided by source. ?php ---cpg143inclxpl.php 15.38 04/12/2005 Coppermine Photo Gallery = 1.4.3 remote commands execution coded by rgod site: http://retrogod.altervista.org - this works regardless of any php.ini settings, you need a normal user account with upload rights in persona...
UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
source: https://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible to execute code on the machine. Executing the list command...