Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
2 CRITICAL6 HIGH12 MEDIUM
CVE-2025-8074
MEDIUM CVSS 5.6
Find Similar
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors
synology
NVD RRF 0.016
CVE-2023-52945
HIGH CVSS 7.8
Find Similar
Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors.
synology
NVD RRF 0.016
CVE-2025-54158
HIGH CVSS 7.8
Find Similar
Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors.
synology
NVD RRF 0.016
CVE-2025-54159
HIGH CVSS 7.5
Find Similar
Missing authorization vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows remote attackers to delete arbitrary files via unspecified vectors.
synology
NVD RRF 0.016
CVE-2025-54160
HIGH CVSS 7.8
Find Similar
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary cod
synology
NVD RRF 0.015
CVE-2025-66593
MEDIUM CVSS 5.6
Find Similar
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation.
synology
NVD RRF 0.015
CVE-2024-11399
MEDIUM CVSS 6.8
Find Similar
Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks
synology
NVD RRF 0.015
CVE-2024-50629
MEDIUM CVSS 5.3
Find Similar
Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4,
synology
NVD RRF 0.015
CVE-2025-66592
MEDIUM CVSS 5.6
Find Similar
An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content and conduct denial-of-servic
synology
NVD RRF 0.014
CVE-2022-49039
MEDIUM CVSS 6.7
Find Similar
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via
synology
NVD RRF 0.014
CVE-2024-10445
MEDIUM CVSS 5.3
Find Similar
Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7
synology
NVD RRF 0.014
CVE-2025-13167
MEDIUM CVSS 5.4
Find Similar
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in contact functionality in Synology Contacts before 1.0.10-20659 allows remote authenticated users t
synology
NVD RRF 0.014
CVE-2025-13593
MEDIUM CVSS 5.6
Find Similar
Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content and conduct denial-of-service during install
synology
NVD RRF 0.014
CVE-2022-49038
HIGH CVSS 7.8
Find Similar
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified
synology
NVD RRF 0.014
CVE-2024-10443
CRITICAL CVSS 9.8
Find Similar
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology
synology
NVD RRF 0.013
CVE-2024-10441
CRITICAL CVSS 9.8
Find Similar
Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-6905
synology
NVD RRF 0.013
CVE-2024-47269
MEDIUM CVSS 4.9
Find Similar
Cleartext transmission of sensitive information vulnerability in Export Key functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with admi
synology
NVD RRF 0.013
CVE-2024-47273
MEDIUM CVSS 4.3
Find Similar
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated user
synology
NVD RRF 0.013
CVE-2022-49037
MEDIUM CVSS 6.5
Find Similar
Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information
synology
NVD RRF 0.013
CVE-2024-50630
HIGH CVSS 7.5
Find Similar
Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to obta
synology
NVD RRF 0.013
Page 1+ Next →