Vulnerabilities > Synology > Media Server > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-28 | CVE-2022-22683 | Unspecified vulnerability in Synology Media Server Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2021-06-01 | CVE-2021-33180 | Unspecified vulnerability in Synology Media Server Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2018-05-10 | CVE-2018-8914 | SQL Injection vulnerability in Synology Media Server SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter. | 9.8 |