A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS...
6.4CVSS
7.1AI Score
0.0004EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS...
6.4CVSS
7.1AI Score
0.0004EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build...
7.2CVSS
7AI Score
0.0004EPSS
An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the...
6.4CVSS
6.4AI Score
0.0004EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...
6.4CVSS
7.1AI Score
0.0004EPSS
The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native Router (JCNR) and containerized routing Protocol Deamon (cRPD) products allows an attacker to perform Person-in-the-Middle (PitM) attacks which results in complete compromise of the container. Due to...
8.1CVSS
6.8AI Score
0.001EPSS
8.4CVSS
7.1AI Score
0.001EPSS
In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID:...
6AI Score
0.0004EPSS
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID:...
6.8AI Score
0.0004EPSS
In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580200; Issue ID:...
6.9AI Score
0.0004EPSS
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08587881; Issue ID:...
7AI Score
0.0004EPSS
In battery, there is a possible escalation of privilege due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08485622; Issue ID:...
6.9AI Score
0.0004EPSS
Memory corruption when the payload received from firmware is not as per the expected protocol...
7.8CVSS
7.2AI Score
0.0004EPSS
Memory corruption when more scan frequency list or channels are sent from the user...
6.7CVSS
7.5AI Score
0.0004EPSS
Memory corruption in Audio during a playback or a recording due to race condition between allocation and deallocation of graph...
6.7CVSS
7.3AI Score
0.0004EPSS
Memory corruption while copying the sound model data from user to kernel buffer during sound model...
6.7CVSS
7AI Score
0.0004EPSS
In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08698617; Issue ID:...
6AI Score
0.0004EPSS
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541780; Issue ID:...
7AI Score
0.0004EPSS
In keyInstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580204; Issue ID:...
5.9AI Score
0.0004EPSS
In da, there is a possible escalation of privilege due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541749; Issue ID:...
6.9AI Score
0.0004EPSS
In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation Patch ID: ALPS08518692; Issue ID:...
6AI Score
0.0004EPSS
In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541746; Issue ID:...
5.9AI Score
0.0004EPSS
7.3CVSS
7.1AI Score
0.0005EPSS
Memory corruption when the channel ID passed by user is not validated and further...
7.8CVSS
7.1AI Score
0.0004EPSS
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08583919; Issue ID:...
7AI Score
0.0004EPSS
In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID:...
7AI Score
0.0004EPSS
Memory corruption while querying module parameters from Listen Sound model client in kernel from user...
6.7CVSS
6.9AI Score
0.0004EPSS
Transient DOS while processing SMS container of non-standard size received in DL NAS transport in...
7.5CVSS
6.8AI Score
0.0005EPSS
Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services...
7.5CVSS
7.5AI Score
0.0004EPSS
Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of...
5.3CVSS
6.9AI Score
0.0005EPSS
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU...
8.4CVSS
7.3AI Score
0.001EPSS
Memory corruption while copying a keyblobs material when the key materials size is not accurately...
7.8CVSS
7.1AI Score
0.0004EPSS
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; Issue ID:...
7.3AI Score
0.0004EPSS
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...
5.4CVSS
6.1AI Score
0.0005EPSS
Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its...
7.8CVSS
6.6AI Score
0.0005EPSS
SiteGuard WP Plugin provides a functionality to customize the path to the login page wp-login.php and implements a measure to avoid redirection from other URLs. However, SiteGuard WP Plugin versions prior to 1.7.7 missed to implement a measure to avoid redirection from wp-register.php. As a...
6.8AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...
5CVSS
7.1AI Score
0.0004EPSS
A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute arbitrary code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520...
7.2CVSS
7.5AI Score
0.0004EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...
5CVSS
7.1AI Score
0.0004EPSS
Improper export of Android application components issue exists in 'ABEMA' App for Android prior to 10.65.0 allowing another app installed on the user's device to access an arbitrary URL on 'ABEMA' App for Android via Intent. If this vulnerability is exploited, an arbitrary website may be displayed....
6.7AI Score
0.0004EPSS
In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID:...
7AI Score
0.0004EPSS
In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID:...
6.9AI Score
0.0004EPSS
In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495932; Issue ID:...
5.9AI Score
0.0004EPSS
In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08522504; Issue ID:...
6.1AI Score
0.0004EPSS
In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID:...
6AI Score
0.0004EPSS
In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID:...
6.5AI Score
0.0004EPSS
In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID:...
6AI Score
0.0004EPSS
9.8CVSS
9.5AI Score
0.001EPSS
A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in CCX devices. A flaw in the firmware build process did not properly restrict access to a resource from an unauthorized...
6.6AI Score
0.0004EPSS
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application...
8.1CVSS
4.7AI Score
0.001EPSS