Vulnerabilities > Qnap > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-06 | CVE-2023-32972 | Out-of-bounds Write vulnerability in Qnap QTS and Quts Hero A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. | 7.2 |
| 2023-09-22 | CVE-2023-23362 | OS Command Injection vulnerability in Qnap QTS and Qutscloud An OS command injection vulnerability has been reported to affect QNAP operating systems. | 8.8 |
| 2023-08-24 | CVE-2023-34971 | Inadequate Encryption Strength vulnerability in Qnap QTS and Quts Hero An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. | 8.8 |
| 2023-03-29 | CVE-2023-23355 | Command Injection vulnerability in Qnap products An OS command injection vulnerability has been reported to affect QNAP operating systems. | 7.2 |
| 2022-05-26 | CVE-2021-34360 | Cross-Site Request Forgery (CSRF) vulnerability in Qnap NAS Proxy Server A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server. | 8.8 |
| 2022-05-05 | CVE-2021-44051 | Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. | 8.8 |
| 2022-05-05 | CVE-2021-44052 | Link Following vulnerability in Qnap Qts, Quts Hero and Qutscloud An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. | 8.1 |
| 2021-12-29 | CVE-2021-38688 | Improper Authentication vulnerability in Qnap Qfile An improper authentication vulnerability has been reported to affect Android App Qfile. | 7.5 |
| 2021-11-26 | CVE-2021-38686 | Improper Authentication vulnerability in Qnap QVR 5.1.5 An improper authentication vulnerability has been reported to affect QNAP device, VioStor. | 8.8 |
| 2021-11-20 | CVE-2021-34358 | Cross-Site Request Forgery (CSRF) vulnerability in Qnap Qmailagent We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and later | 8.8 |