Vulnerabilities > Qnap > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-06 CVE-2022-27592 Unquoted Search Path or Element vulnerability in Qnap QVR Smart Client 2.4.0
An unquoted search path or element vulnerability has been reported to affect QVR Smart Client.
local
low complexity
qnap CWE-428
6.7
2024-09-06 CVE-2023-50366 Cross-site Scripting vulnerability in Qnap QTS and Quts Hero
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-79
4.8
2024-09-06 CVE-2023-51366 Path Traversal vulnerability in Qnap QTS and Quts Hero
A path traversal vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-22
6.5
2024-09-06 CVE-2023-51368 NULL Pointer Dereference vulnerability in Qnap QTS and Quts Hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-476
6.5
2024-09-06 CVE-2024-21897 Cross-site Scripting vulnerability in Qnap QTS and Quts Hero
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-79
5.4
2024-09-06 CVE-2024-21903 Command Injection vulnerability in Qnap QTS and Quts Hero
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-77
4.7
2024-09-06 CVE-2024-21904 Path Traversal vulnerability in Qnap QTS and Quts Hero
A path traversal vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-22
6.5
2024-09-06 CVE-2024-21906 OS Command Injection vulnerability in Qnap QTS and Quts Hero
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-78
4.7
2024-09-06 CVE-2024-27122 Cross-site Scripting vulnerability in Qnap Notes Station 3
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3.
network
low complexity
qnap CWE-79
5.4
2024-09-06 CVE-2024-27125 Cross-site Scripting vulnerability in Qnap Helpdesk
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk.
network
low complexity
qnap CWE-79
4.8