Vulnerabilities > Qnap > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-02 CVE-2023-47561 Cross-site Scripting vulnerability in Qnap Photo Station
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station.
network
low complexity
qnap CWE-79
5.4
5.4
2024-02-02 CVE-2023-50359 Unchecked Return Value vulnerability in Qnap Qts, Quts Hero and Qutscloud
An unchecked return value vulnerability has been reported to affect several QNAP operating system versions.
local
low complexity
qnap CWE-252
6.7
6.7
2024-01-05 CVE-2023-47559 Cross-site Scripting vulnerability in Qnap Qumagie 2.2.0
A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie.
network
low complexity
qnap CWE-79
5.4
5.4
2023-12-08 CVE-2023-23372 Cross-site Scripting vulnerability in Qnap QTS and Quts Hero
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-79
6.1
6.1
2023-11-03 CVE-2023-39301 Server-Side Request Forgery (SSRF) vulnerability in Qnap QTS
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-918
4.3
4.3
2023-10-13 CVE-2023-32970 NULL Pointer Dereference vulnerability in Qnap Qts, Quts Hero and Qutscloud
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-476
4.9
4.9
2023-10-13 CVE-2023-34977 Cross-site Scripting vulnerability in Qnap Video Station
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station.
network
low complexity
qnap CWE-79
5.4
5.4
2023-10-06 CVE-2023-23365 Path Traversal vulnerability in Qnap Music Station
A path traversal vulnerability has been reported to affect Music Station.
network
low complexity
qnap CWE-22
6.5
6.5
2023-10-06 CVE-2023-23366 Path Traversal vulnerability in Qnap Music Station
A path traversal vulnerability has been reported to affect Music Station.
network
low complexity
qnap CWE-22
6.5
6.5
2023-10-06 CVE-2023-23370 Insufficiently Protected Credentials vulnerability in Qnap Qvpn
An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client.
local
low complexity
qnap CWE-522
4.4
4.4