CVE-2024-14025

>= 5.0.0 and < 5.8.2

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also

6.7MEDIUM

CVE-2024-14024

>= 5.0.0 and < 5.8.2

An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network acc

6.7MEDIUM

CVE-2024-56804

>= 5.8.0 and < 5.8.4

An SQL injection vulnerability has been reported to affect Video Station. If a remote attacker gains a user account, they can then

8.8HIGH

CVE-2023-50360

>= 5.0.0 and < 5.8.2

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated

8.8HIGH

CVE-2023-47563

>= 5.0.0 and < 5.8.2

An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authe

7.4HIGH

CVE-2023-41288

>= 5.7.0 and < 5.7.2

An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users

8.8HIGH

CVE-2023-41287

>= 5.7.0 and < 5.7.2

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inje

4.3MEDIUM

CVE-2023-34977

< 2023.07.27

A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow

4.6MEDIUM

CVE-2023-34976

< 5.7.0

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated

10.0CRITICAL

CVE-2023-34975

< 5.7.0

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner

6.6MEDIUM

CVE-2021-44056

< 5.1.8

An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnera

7.1HIGH

CVE-2021-44055

< 5.1.8

An missing authorization vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerabi

5.3MEDIUM

CVE-2021-28812

< 5.5.4

A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability

8.8HIGH

CVE-2021-33181

< 2.4.10-1632

Server-Side Request Forgery (SSRF) vulnerability in webapi component in Synology Video Station before 2.4.10-1632 allows remote au

6.6MEDIUM

CVE-2019-7184

< 5.4.3

This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the admini

4.8MEDIUM

CVE-2017-13071

all versions

QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP

9.8CRITICAL

CVE-2017-9556

<= 2.2.1-1364

Cross-site scripting (XSS) vulnerability in Video Metadata Editor in Synology Video Station before 2.3.0-1435 allows remote authen

5.4MEDIUM

CVE-2015-9105

all versions

Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 before 1.2-0455, 1.5 before 1.5-0772, and 1.6 be

5.4MEDIUM

CVE-2015-6912

<= 1.5-0757

Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharacters in the

CVE-2015-6911

<= 1.5-0757

SQL injection vulnerability in Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary SQL commands vi

CVE-2015-6910

<= 1.5-0754

SQL injection vulnerability in Synology Video Station before 1.5-0757 allows remote attackers to execute arbitrary SQL commands vi