CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2025-29882 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2025-29882
29 Aug 2025 — A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote a... • https://www.qnap.com/en/security-advisory/qsa-25-21 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29879 – File Station 5
https://notcve.org/view.php?id=CVE-2025-29879
29 Aug 2025 — A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service ... • https://www.qnap.com/en/security-advisory/qsa-25-19 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29878 – File Station 5
https://notcve.org/view.php?id=CVE-2025-29878
29 Aug 2025 — A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service ... • https://www.qnap.com/en/security-advisory/qsa-25-19 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29875 – File Station 5
https://notcve.org/view.php?id=CVE-2025-29875
29 Aug 2025 — A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service ... • https://www.qnap.com/en/security-advisory/qsa-25-19 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29874 – File Station 5
https://notcve.org/view.php?id=CVE-2025-29874
29 Aug 2025 — A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service ... • https://www.qnap.com/en/security-advisory/qsa-25-19 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22483 – License Center
https://notcve.org/view.php?id=CVE-2025-22483
29 Aug 2025 — A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: License Center 1.8.51 and later License Center 1.9.51 and later A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If a remot... • https://www.qnap.com/en/security-advisory/qsa-25-27 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12923 – Photo Station
https://notcve.org/view.php?id=CVE-2024-12923
29 Aug 2025 — A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo Station 6.4.5 ( 2025/01/02 ) and later A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypa... • https://www.qnap.com/en/security-advisory/qsa-25-24 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29901 – File Station 5
https://notcve.org/view.php?id=CVE-2025-29901
26 Aug 2025 — A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later Se ha informado de una vulnerabilidad de desreferencia de puntero nulo que afecta a File Station 5. Si un atacante remoto obtiene una cuenta de usuario, puede explotar la vulnerabilidad para lanzar ... • https://www.qnap.com/en/security-advisory/qsa-25-31 • CWE-476: NULL Pointer Dereference •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-47206 – File Station 5
https://notcve.org/view.php?id=CVE-2025-47206
18 Aug 2025 — An out-of-bounds write vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later Se ha informado de una vulnerabilidad de escritura fuera de los límites que afecta a File Station 5. Si un atacante remoto obtiene una cuenta de usuario, puede explotar la vulnerabilidad para modificar o corromper la ... • https://www.qnap.com/en/security-advisory/qsa-25-31 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56805 – QTS, QuTS hero
https://notcve.org/view.php?id=CVE-2024-56805
06 Jun 2025 — A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability ... • https://www.qnap.com/en/security-advisory/qsa-25-12 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •