CVE-2025-44011

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1...

CVE-2025-33040

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...

CVE-2025-33034

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central...

CVE-2025-44014 Qsync Central

An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 2025/07/09 and la...

EUVD-2025-32357

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1...

CVE-2025-44009 Qsync Central

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1...

PT-2025-40551

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.1 Description A flaw exists in Qsync Central that allows a remote attacker, having obtained a user account, to trigger a denial-of-service DoS attack due to a NULL pointer dereference. Recommendations Upda...

QNAP Qsync Central 代码问题漏洞

QNAP Qsync Central is a cloud-based file synchronization service on a NAS from Taiwan, China-based QNAP Technology QNAP. A code issue vulnerability exists in QNAP Qsync Central versions prior to 5.0.0.1, which stems from a null pointer dereference and could lead to a denial of service attack...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an unrestricted resource allocation vulnerability that can be exploited by an attacker to prevent other systems, applications, o...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is a cloud-based file synchronization service on a NAS from Taiwan, China-based QNAP Technology QNAP. A security vulnerability exists in QNAP Qsync Central versions prior to 5.0.0.1, which stems from an unrestricted resource allocation that could lead to resource exhaustion...

Security Bulletin: IBM App Connect for Healthcare is vulnerable to multiple vulnerabilities due to Apache Commons Lang & FileUpload ( CVE-2025-48924 & CVE-2025-48976 )

Summary IBM App Connect for Healthcare is vulnerable to multiple vulnerabilities due to Apache Commons Lang & Apache Commons FileUpload. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang:...

Security Bulletin: IBM Watson IoT MessageGateway Server is affected by a buffer overflow vulnerability (CVE-2020-4207)

Summary IBM Watson IoT MessageGateway Server is vulnerable to a buffer overflow isse that can result in denial of service and possible code execution. Vulnerability Details CVEID: CVE-2020-4207 DESCRIPTION: IBM Watson IoT Message Gateway is vulnerable to a buffer overflow, caused by improper boun...

Security Bulletin: IBM MessageSight/MessageGateway is affected by the following jQuery vulnerability

Summary IBM MessageSight/MessageGateway has addressed the following jQuery vulnerability: CVE-2019-11358: jQuery mishandles jQuery.extendtrue, , ... Vulnerability Details CVEID: CVE-2019-11358 DESCRIPTION: jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper...

Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute

Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute Magneto ICMP ActiveX v4.0.0.20 ICMPSendEchoRequest Remote Code Execute Date: 2011-5-27 Discovered by: boahat vendor: http://www.magnetosoft.com/ Download: http://www.magnetosoft.com/downloads/skicmpsetup.exe SKIcmp.ocx Functi...