CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41288 – Video Station
https://notcve.org/view.php?id=CVE-2023-41288
05 Jan 2024 — An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later Se ha informado que una vulnerabilidad de inyección de comandos del sistema operativo afecta a Video Station. Si se explota, la vulnerabilidad podría permitir a los usuarios ejecutar comandos a través de una red. Ya hemos solucionado l... • https://www.qnap.com/en/security-advisory/qsa-23-55 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41289 – QcalAgent
https://notcve.org/view.php?id=CVE-2023-41289
05 Jan 2024 — An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QcalAgent 1.1.8 and later Se ha informado que una vulnerabilidad de inyección de comandos del sistema operativo afecta a QcalAgent. Si se explota, la vulnerabilidad podría permitir a los usuarios autenticados ejecutar comandos a través de una red. Ya hemos solucionado l... • https://www.qnap.com/en/security-advisory/qsa-23-34 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-45044 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2023-45044
05 Jan 2024 — A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later La vulnerabilidad de copia de búfer sin comprobar el tamaño de la entrada afecta a varias versiones del sistema operativo QNAP.... • https://www.qnap.com/en/security-advisory/qsa-23-27 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-45043 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2023-45043
05 Jan 2024 — A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later La vulnerabilidad de copia de búfer sin comprobar el tamaño de la entrada afecta a varias versiones del sistema operativo QNAP.... • https://www.qnap.com/en/security-advisory/qsa-23-27 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-45042 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2023-45042
05 Jan 2024 — A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later La vulnerabilidad de copia de búfer sin comprobar el tamaño de la entrada afecta a varias versiones del sistema operativo QNAP.... • https://www.qnap.com/en/security-advisory/qsa-23-27 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-45041 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2023-45041
05 Jan 2024 — A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later La vulnerabilidad de copia de búfer sin comprobar el tamaño de la entrada afecta a varias versiones del sistema operativo QNAP.... • https://www.qnap.com/en/security-advisory/qsa-23-27 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-45040 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2023-45040
05 Jan 2024 — A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later La vulnerabilidad de copia de búfer sin comprobar el tamaño de la entrada afecta a varias versiones del sistema operativo QNAP.... • https://www.qnap.com/en/security-advisory/qsa-23-27 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-45039 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2023-45039
05 Jan 2024 — A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later La vulnerabilidad de copia de búfer sin comprobar el tamaño de la entrada afecta a varias versiones del sistema operativo QNAP.... • https://www.qnap.com/en/security-advisory/qsa-23-27 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47219 – QuMagie
https://notcve.org/view.php?id=CVE-2023-47219
05 Jan 2024 — A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later Se ha informado que una vulnerabilidad de inyección SQL afecta a QuMagie. Si se explota, la vulnerabilidad podría permitir a los usuarios autenticados inyectar código malicioso a través de una red. Ya hemos solucionado la vulnerabilidad en la siguient... • https://www.qnap.com/en/security-advisory/qsa-23-32 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47559 – QuMagie
https://notcve.org/view.php?id=CVE-2023-47559
05 Jan 2024 — A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later Se ha informado que una vulnerabilidad de cross-site scripting (XSS) afecta a QuMagie. Si se explota, la vulnerabilidad podría permitir a los usuarios autenticados inyectar código malicioso a través de una red. Ya hemos solucionado la vul... • https://www.qnap.com/en/security-advisory/qsa-23-23 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •