Lucene search
+L
SynologyBeedrive

6 matches found

CVE
CVE
added 2026/05/27 8:25 a.m.33 views

CVE-2023-52945

CVE-2023-52945 describes an "Uncontrolled search path element" vulnerability in the OpenSSL DLL component of Synology BeeDrive for desktop, affecting versions prior to 1.3.2-13814. The issue enables local users to trigger arbitrary code execution via unspecified vectors, with a local attack poten...

7.8CVSS6.2AI score0.00139EPSS
CVE
CVE
added 2026/05/27 8:26 a.m.21 views

CVE-2024-11399

CVE-2024-11399 affects Synology BeeDrive for Desktop (redis-server component) prior to version 1.3.2-13814. Local users can trigger a denial-of-service via unspecified vectors, with impact on availability (CVSSv3.1: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H). Root cause details are not specified in the...

6.8CVSS5.8AI score0.00112EPSS
CVE
CVE
added 2025/12/04 3:13 p.m.16 views

CVE-2025-54159

The CVE-2025-54159 entry describes a missing authorization vulnerability in Synology BeeDrive for desktop prior to version 1.4.2-13960, where remote attackers could delete arbitrary files via unspecified vectors. Affected product: BeeDrive for desktop. Root cause: lack of authorization checks in ...

7.5CVSS6.7AI score0.00381EPSS
CVE
CVE
added 2025/12/04 3:17 p.m.16 views

CVE-2025-8074

CVE-2025-8074 describes an origin validation error in Synology BeeDrive for desktop up to version 1.4.3-13973 . The flaw allows local users to write arbitrary files containing non-sensitive information via unspecified vectors, indicating a local-privilege/unauthorized-write possibility as stated ...

5.6CVSS6.1AI score0.00084EPSS
CVE
CVE
added 2025/12/04 3:13 p.m.15 views

CVE-2025-54158

CVE-2025-54158 affects Synology BeeDrive for desktop prior to 1.4.2-13960. The issue is a missing authentication check in a critical function, enabling local users to potentially execute arbitrary code via unspecified vectors. Multiple connected sources (Red Hat, NVD, CVE lists, and vendor adviso...

7.8CVSS7.3AI score0.00171EPSS
CVE
CVE
added 2025/12/04 3:14 p.m.14 views

CVE-2025-54160

CVE-2025-54160 affects Synology BeeDrive for desktop before 1.4.2-13960, where an improper limitation of a pathname to a restricted directory (path traversal) allows a local user to execute arbitrary code via unspecified vectors. The issue relates to BeeDrive’s handling of file paths and is explo...

7.8CVSS7.1AI score0.00183EPSS