Vulnerabilidades en Synology
294 resultadosCVE-2017-16769—Exposure of private information vulnerability in Photo Viewer in Synology Photo Station 6.8.1-3458 allows remote attackers to obtain metadatEPSS 1.9%CVE-2021-43928CRITICALImproper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in mail sending and receiving compoEPSS 1.9%CVE-2017-16770—File and directory information exposure vulnerability in SYNO.SurveillanceStation.PersonalSettings.Photo in Synology Surveillance Station beEPSS 1.9%CVE-2021-26561CRITICALStack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-theEPSS 1.9%CVE-2017-12079—Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2EPSS 1.8%CVE-2017-15893—Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated useEPSS 1.8%CVE-2018-13296HIGHUncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers tEPSS 1.8%CVE-2021-29092HIGHUnrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 alloEPSS 1.7%CVE-2020-27655MEDIUMImproper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resourEPSS 1.7%CVE-2018-8926HIGHPermissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remEPSS 1.7%CVE-2021-26562CRITICALOut-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle EPSS 1.7%CVE-2019-11821HIGHSQL injection vulnerability in synophoto_csPhotoDB.php in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackEPSS 1.7%CVE-2023-5746CRITICALA vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute EPSS 1.7%CVE-2021-29090HIGHImproper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in PHP component in Synology Photo StatioEPSS 1.7%CVE-2019-11826HIGHRelative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users EPSS 1.7%CVE-2017-11162—Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users tEPSS 1.6%CVE-2017-11149—Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 EPSS 1.6%CVE-2017-15886—Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat before 2.0.0-1124 allows remote authenticated users to dowEPSS 1.6%CVE-2018-13289MEDIUMInformation exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers tEPSS 1.6%CVE-2022-22688HIGHImproper neutralization of special elements used in a command ('Command Injection') vulnerability in File service functionality in Synology EPSS 1.6%