Firmware & Software

Stored XSS Vulnerability in Image2PDF

30. September 2021
A stored cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Image2PDF. If exploited, this vulne ... More
Stored XSS Vulnerability in Photo Station

30. September 2021
A stored cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this v ... More
Stored XSS Vulnerabilities in Photo Station

30. September 2021
Two stored cross-site scripting (XSS) vulnerabilities have been reported to affect QNAP NAS running Photo Station. If exploited, t ... More
Command Injection Vulnerability in QVR

30. September 2021
A command injection vulnerability has been reported to affect certain QNAP EOL devices running QVR. If exploited, this vulnerabili ... More
Command Injection Vulnerabilities in QVR

26. September 2021
Two command injection vulnerabilities have been reported to affect certain QNAP EOL devices running QVR. If exploited, these vulne ... More
Insufficient HTTP Security Headers in QTS, QuTS hero, and QuTScloud

9. September 2021
A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTS ... More
Insufficiently Protected Credentials in QSW-M2116P-2T2S and QuNetSwitch

9. September 2021
A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches ... More
Stack-Based Buffer Overflow Vulnerabilities in NVR Storage Expansion

9. September 2021
Two stack-based buffer overflow vulnerabilities have been reported to affect QNAP NAS running NVR Storage Expansion. If exploited, ... More
Stack Buffer Overflow Vulnerability in QUSBCam2

9. September 2021
A stack buffer overflow vulnerability has been reported to affect QNAP NAS running QUSBCam2. If exploited, this vulnerability allo ... More
Stack Buffer Overflow Vulnerabilities in QTS, QuTS hero, and QuTScloud

9. September 2021
Two stack buffer overflow vulnerabilities have been reported to affect QNAP devices running QTS, QuTS hero, and QuTScloud. If expl ... More
Out-of-Bounds Vulnerabilities in OpenSSL

30. August 2021
Two out-of-bounds vulnerabilities in OpenSSL have been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync). If exploite ... More
Out-of-Bounds Read Vulnerability in OpenSSL

30. August 2021
An out-of-bounds read vulnerability in OpenSSL has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. If expl ... More
Improper Access Control Vulnerability in Legacy HBS 3 (Hybrid Backup Sync)

6. Juli 2021
An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3 (Hybrid Backup Sync). If exp ... More
Improper Access Control Vulnerability in HBS 3 (Hybrid Backup Sync)

5. Juli 2021
An improper access control vulnerability has been reported to affect certain versions of HBS 3 (Hybrid Backup Sync). If exploited, ... More
DNSpooq Vulnerabilities in QTS

30. Juni 2021
DNSpooq vulnerabilities—including DNS cache poisoning and buffer overflow vulnerabilities—have been reported to affect certain ver ... More
XSS Vulnerability in QTS and QuTS hero

30. Juni 2021
An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attac ... More
Stored XSS Vulnerability in Q'center

30. Juni 2021
A stored XSS vulnerability has been reported to affect QNAP NAS running Q'center. If exploited, this vulnerability allows attacker ... More
Stored XSS Vulnerability in QuLog Center

30. Juni 2021
A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows atta ... More
Multiple Command Injection Vulnerabilities in QTS and QuTS hero

30. Juni 2021
Multiple command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows ... More
Command Injection Vulnerability in QTS

24. Juni 2021
A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS. If exploited, this vulnera ... More

Stored XSS Vulnerability in Image2PDF

Stored XSS Vulnerability in Photo Station

Stored XSS Vulnerabilities in Photo Station

Command Injection Vulnerability in QVR

Command Injection Vulnerabilities in QVR

Insufficient HTTP Security Headers in QTS, QuTS hero, and QuTScloud

Insufficiently Protected Credentials in QSW-M2116P-2T2S and QuNetSwitch

Stack-Based Buffer Overflow Vulnerabilities in NVR Storage Expansion

Stack Buffer Overflow Vulnerability in QUSBCam2

Stack Buffer Overflow Vulnerabilities in QTS, QuTS hero, and QuTScloud

Out-of-Bounds Vulnerabilities in OpenSSL

Out-of-Bounds Read Vulnerability in OpenSSL

Improper Access Control Vulnerability in Legacy HBS 3 (Hybrid Backup Sync)

Improper Access Control Vulnerability in HBS 3 (Hybrid Backup Sync)

DNSpooq Vulnerabilities in QTS

XSS Vulnerability in QTS and QuTS hero

Stored XSS Vulnerability in Q'center

Stored XSS Vulnerability in QuLog Center

Multiple Command Injection Vulnerabilities in QTS and QuTS hero

Command Injection Vulnerability in QTS