Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26566 | 1 Synology | 7 Diskstation Manager, Diskstation Manager Unified Controller, Skynas and 4 more | 2021-04-22 | 6.8 MEDIUM | 9.0 CRITICAL |
| Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic. | |||||
| CVE-2020-27648 | 1 Synology | 3 Diskstation Manager, Skynas, Skynas Firmware | 2020-11-09 | 6.8 MEDIUM | 9.0 CRITICAL |
| Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2018-1160 | 3 Debian, Netatalk Project, Synology | 7 Debian Linux, Netatalk, Diskstation Manager and 4 more | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. | |||||