Lucene search
+L
QnapNotes Station 3

6 matches found

CVE
CVE
added 2024/11/22 3:32 p.m.62 views

CVE-2024-38645

CVE-2024-38645 affects QNAP Notes Station 3. The issue is a server-side request forgery (SSRF) that could allow remote authenticated attackers to read application data. Public details confirm the vulnerability exists in Notes Station 3 versions prior to 3.9.7 and that 3.9.7 and later versions inc...

9.4CVSS6.3AI score0.0063EPSS
CVE
CVE
added 2024/11/22 3:32 p.m.60 views

CVE-2024-38643

CVE-2024-38643 affects QNAP Notes Station 3. The issue is a missing authentication for a critical function, allowing remote attackers to gain access to and execute certain functions. The vulnerability is documented with a high impact and network-based attack vector (CVSS 3.1/4.0 metrics indicate ...

9.8CVSS7.3AI score0.00933EPSS
CVE
CVE
added 2024/09/06 4:26 p.m.59 views

CVE-2024-27126

CVE-2024-27126 affects QNAP Notes Station 3 with a cross‑site scripting (XSS) vulnerability. The issue could allow authenticated users to inject malicious code over the network. Affected versions are prior to 3.9.6; remediation is to upgrade to Notes Station 3 version 3.9.6 or later. The CVE entr...

6.3CVSS5.6AI score0.00248EPSS
CVE
CVE
added 2024/11/22 3:32 p.m.57 views

CVE-2024-38646

The CVE-2024-38646 entry affects Notes Station 3. An incorrect permission assignment for a critical resource could allow local authenticated attackers with administrator access to read or modify the resource. Remediation: vulnerability fixed in Notes Station 3 version 3.9.7 and later. Impact deta...

8.4CVSS6.2AI score0.00177EPSS
CVE
CVE
added 2024/11/22 3:32 p.m.52 views

CVE-2024-38644

Notes Station 3 is affected by an OS command injection vulnerability prior to version 3.9.7. The issue could allow remote authenticated attackers to execute commands on affected systems. A fix is available in Notes Station 3 version 3.9.7 and later (3.9.7+); versions before 3.9.7 should upgrade t...

8.8CVSS7.1AI score0.01588EPSS
CVE
CVE
added 2024/09/06 4:26 p.m.49 views

CVE-2024-27122

CVE-2024-27122 affects QNAP Notes Station 3. The vulnerability is a cross-site scripting (XSS) flaw that could allow authenticated users to inject malicious code via the network. Affected versions: Notes Station 3 prior to 3.9.6. Mitigation: upgrade to Notes Station 3 version 3.9.6 or later, whic...

6.3CVSS5.6AI score0.00248EPSS