Filtered by vendor Qnap Systems
Subscriptions
Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48723 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-11 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-48722 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-11 | 6.5 Medium |
| A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-47209 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-11 | 6.5 Medium |
| A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-47205 | 1 Qnap Systems | 2 Qts, Quts Hero | 2026-02-11 | N/A |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later QuTS hero h5.2.8.3321 build 20251117 and later | ||||
| CVE-2025-30276 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-11 | 8.8 High |
| An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-30269 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-11 | 8.1 High |
| A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-30266 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-11 | 6.5 Medium |
| A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||