Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Synology Subscribe
Total 309 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-49038 1 Synology 1 Drive Client 2024-10-08 N/A 7.8 HIGH
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.
CVE-2022-49039 1 Synology 1 Drive Client 2024-10-08 N/A 6.7 MEDIUM
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors.
CVE-2022-49040 1 Synology 1 Drive Client 2024-10-08 N/A 4.4 MEDIUM
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.
CVE-2022-49041 1 Synology 1 Drive Client 2024-10-08 N/A 4.4 MEDIUM
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.
CVE-2023-52946 1 Synology 1 Drive Client 2024-10-08 N/A 8.2 HIGH
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.
CVE-2023-52950 1 Synology 1 Active Backup For Business Agent 2024-10-02 N/A 5.3 MEDIUM
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors.
CVE-2023-52949 1 Synology 1 Active Backup For Business Agent 2024-10-02 N/A 5.5 MEDIUM
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
CVE-2023-52948 1 Synology 1 Active Backup For Business Agent 2024-10-02 N/A 5.0 MEDIUM
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
CVE-2023-52947 1 Synology 1 Active Backup For Business Agent 2024-10-02 N/A 3.3 LOW
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout.