Vulnerabilities > Qnap
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-17 | CVE-2020-2502 | Cross-site Scripting vulnerability in Qnap Photo Station This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. | 6.1 |
| 2021-02-17 | CVE-2020-2501 | Out-of-bounds Write vulnerability in Qnap Surveillance Station A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. | 9.8 |
| 2021-02-03 | CVE-2020-2507 | OS Command Injection vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of QTS. | 9.8 |
| 2021-02-03 | CVE-2020-2506 | Unspecified vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of QTS. | 9.8 |
| 2021-01-11 | CVE-2020-2508 | Command Injection vulnerability in Qnap QTS A command injection vulnerability has been reported to affect QTS and QuTS hero. | 7.2 |
| 2020-12-31 | CVE-2018-19945 | Path Traversal vulnerability in Qnap QTS A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. | 9.1 |
| 2020-12-31 | CVE-2018-19944 | Cleartext Transmission of Sensitive Information vulnerability in Qnap QTS A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. | 7.5 |
| 2020-12-31 | CVE-2018-19941 | Cleartext Storage of Sensitive Information vulnerability in Qnap QTS A vulnerability has been reported to affect QNAP NAS. | 7.5 |
| 2020-12-29 | CVE-2020-25847 | Command Injection vulnerability in Qnap QTS and Quts Hero This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. | 8.8 |
| 2020-12-24 | CVE-2020-2505 | Information Exposure Through an Error Message vulnerability in Qnap QES If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. | 2.3 |