CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

443 matches found

Western Digital MyCloud NAS - Authentication Bypass

It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the...

10CVSS8.7AI score0.9217EPSS

Exploits7References5

ATTACKERKB•added 2026/01/26 10:47 p.m.•3 views

CVE-2025-30248

DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer's search path...

8.9CVSS6.2AI score0.00042EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 11:26 a.m.•10 views

CVE-2021-33205

Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low privileged user could load malicious content into directories with higher privileges, because of how Node.js is used. An attacker can gain admin privileges and carry out malicious activities such as...

8.8CVSS7.3AI score0.00511EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:26 a.m.•6 views

CVE-2021-28653

The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave support but lacks biometric authentication hardware...

6.5CVSS6.8AI score0.00377EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:17 a.m.•3 views

CVE-2019-18931

Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer EIP control via crafted GET/POST parameters...

9CVSS7.1AI score0.00377EPSS

Exploits1References1

OpenVAS•added 2025/12/22 12:0 a.m.•1 views

Western Digital My Cloud Multiple Products Multiple Vulnerabilities (WDC-25009)

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7AI score0.61222EPSS

Exploits4References2