Synology

Diskstation Manager

93 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-22687

  • EPSS 5.34%
  • Veröffentlicht 25.03.2022 07:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via unspecified vectors.

5.4

CVE-2021-43929

  • EPSS 0.21%
  • Veröffentlicht 07.02.2022 03:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in work flow management in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote authenticated users to inject arbitrary ...

9.8

CVE-2021-43926

  • EPSS 0.41%
  • Veröffentlicht 07.02.2022 03:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecifi...

9.8

CVE-2021-43927

  • EPSS 0.42%
  • Veröffentlicht 07.02.2022 03:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Security Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unsp...

4.9

CVE-2022-22679

  • EPSS 0.27%
  • Veröffentlicht 07.02.2022 03:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in support service management in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote authenticated users to write arbitrary files via unspe...

9.8

CVE-2021-43925

  • EPSS 0.41%
  • Veröffentlicht 07.02.2022 03:15:06
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecifi...

7.5

CVE-2022-22680

  • EPSS 0.21%
  • Veröffentlicht 07.02.2022 02:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to obtain sensitive information via unspecified vectors.

7.5

CVE-2021-29087

  • EPSS 0.3%
  • Veröffentlicht 23.06.2021 10:15:08
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to write arbitrary files via unspecified vectors.

7.5

CVE-2021-29086

  • EPSS 0.2%
  • Veröffentlicht 23.06.2021 10:15:08
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to obtain sensitive information via unspecified vectors.

7.5

CVE-2021-29085

  • EPSS 0.28%
  • Veröffentlicht 23.06.2021 10:15:08
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary...