Lucene search
+L

7 matches found

OSV
OSV
added 2022/02/07 3:15 a.m.6 views

CVE-2022-22679

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in support service management in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote authenticated users to write arbitrary files via unspecified vectors...

4.9CVSS5.9AI score0.01157EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/02/07 12:0 a.m.4 views

PT-2022-11935 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 7.0.1-42218-2 Description: The issue is related to improper neutralization of special elements used in an SQL command, also known as SQL Injection, in the Log Management functionality. This...

9.8CVSS8.1AI score0.00875EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/02/07 12:0 a.m.4 views

PT-2022-15626 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 7.0.1-42218-2 Description: The issue allows remote attackers to obtain sensitive information via unspecified vectors, resulting in the exposure of sensitive information to unauthorized actors...

7.5CVSS6.9AI score0.01143EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/01/24 7:19 a.m.7 views

CVE-2022-22680

Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote attackers to obtain sensitive information via unspecified vectors...

7.5CVSS7.1AI score0.01143EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/01/24 4:20 a.m.3 views

CVE-2021-43925

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in Log Management functionality in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors...

9.8CVSS7.4AI score0.00875EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/01/24 4:17 a.m.3 views

CVE-2021-43926

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in Log Management functionality in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors...

9.8CVSS7.4AI score0.00875EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/01/19 8:4 a.m.6 views

CVE-2022-22679

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in support service management in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote authenticated users to write arbitrary files via unspecified vectors...

6.5CVSS6AI score0.01157EPSS
Exploits0References2
Rows per page
Query Builder