Filtered by vendor Qnap
Subscribe
Total
635 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54146 | 1 Qnap | 1 Qsync Central | 2026-06-17 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | |||||
| CVE-2025-53598 | 1 Qnap | 1 Qsync Central | 2026-06-17 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | |||||
| CVE-2025-53597 | 1 Qnap | 1 License Center | 2026-06-17 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later | |||||
| CVE-2025-53596 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 4.9 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | |||||
| CVE-2025-53595 | 1 Qnap | 1 Qsync Central | 2026-06-17 | N/A | 8.8 HIGH |
| An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 ( 2025/07/31 ) and later | |||||
| CVE-2025-53593 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | |||||
| CVE-2025-53592 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | |||||
| CVE-2025-53591 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 6.5 MEDIUM |
| A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | |||||
| CVE-2025-53590 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 4.9 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later | |||||
| CVE-2025-53589 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 4.9 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | |||||
| CVE-2025-53414 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 4.9 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | |||||
| CVE-2025-53413 | 1 Qnap | 1 File Station | 2026-06-17 | N/A | 6.5 MEDIUM |
| An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later | |||||
| CVE-2025-53412 | 1 Qnap | 1 File Station | 2026-06-17 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later | |||||
| CVE-2025-53411 | 1 Qnap | 1 File Station | 2026-06-17 | N/A | 4.9 MEDIUM |
| An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later | |||||
| CVE-2025-53410 | 1 Qnap | 1 File Station | 2026-06-17 | N/A | 6.5 MEDIUM |
| An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later | |||||
| CVE-2025-53409 | 1 Qnap | 1 File Station | 2026-06-17 | N/A | 6.5 MEDIUM |
| An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later | |||||
| CVE-2025-53408 | 1 Qnap | 1 File Station | 2026-06-17 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later | |||||
| CVE-2025-53407 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 6.5 MEDIUM |
| A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later | |||||
| CVE-2025-53406 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 6.5 MEDIUM |
| A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later | |||||
| CVE-2025-53405 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 4.9 MEDIUM |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | |||||