Vulnerabilities > Synology > Drive Client > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-26 CVE-2022-49038 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Synology Drive Client
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.
local
low complexity
synology CWE-829
7.8
7.8
2024-09-26 CVE-2023-52946 Classic Buffer Overflow vulnerability in Synology Drive Client
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.
network
low complexity
synology CWE-120
8.2
8.2