threat
engine
.sh
Back
·
··:··
Home
/
Product
/
synology skynas
Product
synology skynas
16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2019-19344
all versions
There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba
6.5
MEDIUM
CVE-2019-14907
all versions
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log
6.5
MEDIUM
CVE-2019-9518
all versions
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker se
7.5
HIGH
CVE-2019-9517
all versions
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. Th
7.5
HIGH
CVE-2019-9516
all versions
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stre
6.5
MEDIUM
CVE-2019-9515
all versions
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a s
7.5
HIGH
CVE-2019-9514
all versions
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a numb
7.5
HIGH
CVE-2019-9513
all versions
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates mul
7.5
HIGH
CVE-2019-9511
all versions
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading
7.5
HIGH
CVE-2018-1160
all versions
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attack
9.8
CRITICAL
CVE-2018-13281
all versions
Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager (DSM) before 6.2-23739-2 allows remote authent
4.3
MEDIUM
CVE-2018-8897
all versions
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandl
7.8
HIGH
CVE-2018-7185
< 6.1.5-15254
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continuall
7.5
HIGH
CVE-2018-7184
all versions
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to c
7.5
HIGH
CVE-2018-7170
< 6.1.5-15254
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create
5.3
MEDIUM
CVE-2017-5753
all versions
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of informatio
5.6
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin