CVE-2024-5401

>= 3.1-23028 and < 3.1.4-23079

Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager (DSM) bef

4.3MEDIUM

CVE-2024-45539

>= 3.1-23028 and < 3.1.4-23079

Out-of-bounds write vulnerability in cgi components in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and

7.5HIGH

CVE-2024-45538

>= 3.1-23028 and < 3.1.4-23079

Cross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and

9.6CRITICAL

CVE-2023-2729

all versions

Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.

5.9MEDIUM

CVE-2023-0142

all versions

Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2

6.5MEDIUM

CVE-2022-22687

< 3.1-23033

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology D

9.8CRITICAL

CVE-2021-29087

< 3.1-23033

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskS

7.5HIGH

CVE-2021-29086

< 3.1-23033

Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in Synology DiskStation Manager (DSM)

5.3MEDIUM

CVE-2021-29085

< 3.1-23033

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing m

8.6HIGH

CVE-2021-29084

< 3.1-23033

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advis

7.5HIGH

CVE-2021-27649

< 3.1-23033

Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows

9.8CRITICAL

CVE-2021-26567

all versions

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary co

7.8HIGH

CVE-2021-26566

all versions

Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-2

8.3HIGH

CVE-2021-26565

all versions

Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-254

8.3HIGH

CVE-2021-26564

all versions

Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-254

8.3HIGH

CVE-2021-26563

all versions

Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local

8.2HIGH

CVE-2021-26562

all versions

Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-t

9.0CRITICAL

CVE-2021-26561

all versions

Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows

9.0CRITICAL

CVE-2021-26560

all versions

Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6

9.0CRITICAL

CVE-2021-3156

all versions

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalatio

7.8HIGH