Filtered by vendor Qnap
Subscriptions
Total
605 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9110 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-06 | 7.5 High |
| An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later QuTS hero h5.2.8.3321 build 20251117 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-62857 | 2 Qnap, Qnap Systems Inc. | 2 Qumagie, Qumagie | 2026-01-05 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: QuMagie 2.8.1 and later | ||||
| CVE-2025-53589 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 4.9 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-53590 | 1 Qnap | 2 Qts, Quts Hero | 2026-01-05 | 4.9 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later | ||||
| CVE-2025-53591 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 6.5 Medium |
| A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-53592 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 6.5 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-53593 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 6.5 Medium |
| A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-53596 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 4.9 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-59387 | 1 Qnap | 1 Mars | 2026-01-05 | N/A |
| An SQL injection vulnerability has been reported to affect MARS (Multi-Application Recovery Service). The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: MARS (Multi-Application Recovery Service) 1.2.1.1686 and later | ||||
| CVE-2025-53597 | 1 Qnap | 1 License Center | 2026-01-05 | 6.5 Medium |
| A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later | ||||
| CVE-2025-52871 | 1 Qnap | 1 License Center | 2026-01-05 | 6.5 Medium |
| An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later | ||||
| CVE-2025-44013 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 6.5 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later | ||||
| CVE-2025-52426 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 4.9 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-52430 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 4.9 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-52431 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 4.9 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-53405 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 4.9 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-53414 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 4.9 Medium |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later | ||||
| CVE-2025-52863 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.0.3192 build 20250716 and later | ||||
| CVE-2025-52864 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.0.3192 build 20250716 and later | ||||
| CVE-2025-52872 | 2 Qnap, Qnap Systems Inc. | 4 Qts, Quts Hero, Qts and 1 more | 2026-01-05 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.0.3192 build 20250716 and later | ||||