Vulnerabilities > Qnap

DATE CVE VULNERABILITY TITLE RISK
2021-11-20 CVE-2021-34358 Cross-Site Request Forgery (CSRF) vulnerability in Qnap Qmailagent
We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and later
network
qnap CWE-352
6.8
6.8
2021-11-20 CVE-2021-38681 Cross-site Scripting vulnerability in Qnap Ragic Cloud DB
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB.
network
qnap CWE-79
4.3
4.3
2021-11-13 CVE-2021-34357 Cross-site Scripting vulnerability in Qnap Qmailagent
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QmailAgent.
network
qnap CWE-79
4.3
4.3
2021-11-13 CVE-2021-38684 Out-of-bounds Write vulnerability in Qnap Multimedia Console
A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console.
network
low complexity
qnap CWE-787
7.5
7.5
2021-10-22 CVE-2021-34362 Command Injection vulnerability in Qnap Media Streaming Add-On
A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on.
network
low complexity
qnap CWE-77
6.5
6.5
2021-10-01 CVE-2021-34352 Command Injection vulnerability in Qnap QVR
A command injection vulnerability has been reported to affect QNAP device running QVR.
network
low complexity
qnap CWE-77
7.5
7.5
2021-10-01 CVE-2021-34354 Cross-site Scripting vulnerability in Qnap Photo Station
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station.
network
qnap CWE-79
3.5
3.5
2021-10-01 CVE-2021-34355 Cross-site Scripting vulnerability in Qnap Photo Station
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station.
network
qnap CWE-79
3.5
3.5
2021-10-01 CVE-2021-34356 Cross-site Scripting vulnerability in Qnap Photo Station
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station.
network
qnap CWE-79
3.5
3.5
2021-10-01 CVE-2021-38675 Cross-site Scripting vulnerability in Qnap Image2Pdf
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Image2PDF.
network
qnap CWE-79
3.5
3.5