Show filters
300 Total Results
Displaying 191-200 of 300
Sort by:
Attacker Value
Unknown

CVE-2018-13283

Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
0
0
Attacker Value
Unknown

CVE-2018-13291

Disclosure Date: April 01, 2019 (last updated January 15, 2025)
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology DiskStation Manager (DSM) before 6.2.1-23824 allows remote authenticated users to obtain sensitive information via the world readable configuration.
0
0
Attacker Value
Unknown

CVE-2018-13290

Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Information exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter.
0
0
Attacker Value
Unknown

CVE-2018-13297

Disclosure Date: April 01, 2019 (last updated October 18, 2024)
Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter.
0
0
Attacker Value
Unknown

CVE-2018-13294

Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Information exposure vulnerability in SYNO.Personal.Profile in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the uid parameter.
0
0
Attacker Value
Unknown

CVE-2018-13296

Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation.
0
0
Attacker Value
Unknown

CVE-2018-13299

Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Relative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter.
0
0
Attacker Value
Unknown

CVE-2018-13292

Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.
0
0
Attacker Value
Unknown

CVE-2017-16775

Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2018-8917

Disclosure Date: December 24, 2018 (last updated January 15, 2025)
Cross-site scripting (XSS) vulnerability in info.cgi in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
0
0
View More Topics  < Previous  Next >