CVE-2023-2729
- EPSS 0.88%
- Veröffentlicht 13.06.2023 08:15:09
- Zuletzt bearbeitet 14.01.2025 19:29:55
Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors.
CVE-2023-0142
- EPSS 0.97%
- Veröffentlicht 13.06.2023 07:15:46
- Zuletzt bearbeitet 14.01.2025 19:29:55
Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write...
CVE-2022-27623
- EPSS 0.75%
- Veröffentlicht 25.10.2022 17:15:51
- Zuletzt bearbeitet 14.01.2025 19:29:55
Missing authentication for critical function vulnerability in iSCSI management functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote attackers to read or write arbitrary files via unspecified vectors.
CVE-2022-27622
- EPSS 0.67%
- Veröffentlicht 25.10.2022 17:15:51
- Zuletzt bearbeitet 14.01.2025 19:29:55
Server-Side Request Forgery (SSRF) vulnerability in Package Center functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to access intranet resources via unspecified vectors.
CVE-2022-3576
- EPSS 0.89%
- Veröffentlicht 20.10.2022 06:15:12
- Zuletzt bearbeitet 14.01.2025 19:29:55
A vulnerability regarding out-of-bounds read is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to obtain sensitive information via unspecified vectors. The following models with Synology Di...
CVE-2022-27626
- EPSS 0.98%
- Veröffentlicht 20.10.2022 06:15:11
- Zuletzt bearbeitet 14.01.2025 19:29:55
A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary ...
CVE-2022-27625
- EPSS 1.48%
- Veröffentlicht 20.10.2022 06:15:11
- Zuletzt bearbeitet 14.01.2025 19:29:55
A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspeci...
CVE-2022-27624
- EPSS 1.49%
- Veröffentlicht 20.10.2022 06:15:09
- Zuletzt bearbeitet 14.01.2025 19:29:55
A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspecif...
CVE-2022-27616
- EPSS 1.6%
- Veröffentlicht 03.08.2022 02:15:07
- Zuletzt bearbeitet 14.01.2025 19:29:55
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 7.0.1-42218-3 allows remote authenticated users to execute arbitrary commands vi...
CVE-2022-22684
- EPSS 1.52%
- Veröffentlicht 28.07.2022 07:15:07
- Zuletzt bearbeitet 14.01.2025 19:29:55
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in task management component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows remote authenticated users to execute arbitrary comm...