RSS   Vulnerabilities for 'Drive'   RSS

2019-04-01
 
CVE-2018-13297

CWE-200
 

 
Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter.

 
2018-06-01
 
CVE-2018-8922

CWE-noinfo
 

 
Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticated users to access non-shared files or folders via unspecified vectors.

 
 
CVE-2018-8921

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast in Synology Drive before 1.0.2-10275 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name.

 
2018-05-10
 
CVE-2018-8910

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

 

 >>> Vendor: Synology 38 Products
DSM
Diskstation manager
Synology photo station
Ds photo+
Ds file
Ds audio
Cloud station
Photo station
Download station
Video station
Note station
Audio station
CHAT
Office
Photo station uploader
Assistant
Dns server
Router manager
Cloud station backup
Cloud station drive
Skynas
Virtual diskstation manager
Vs960hd firmware
Media server
Calendar
Drive
File station
Ds107 firmware
Ds116 firmware
Ds213 firmware
Vs960hd
Mailplus server
Ssl vpn client
Moments
Carddav server
Universal search
Surveillance station
Application service


Copyright 2019, cxsecurity.com

 

Back to Top