Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
synology drive

Version unspecified

OTHER 4 CVEs

Known Vulnerabilities

CVE-2018-13297

Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter.

MEDIUM CVSS 5.3 Published Apr 01, 2019

CVE-2018-8921

Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast in Synology Drive before 1.0.2-10275 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name.

MEDIUM CVSS 6.5 Published Jun 01, 2018

CVE-2018-8922

Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticated users to access non-shared files or folders via unspecified vectors.

MEDIUM CVSS 6.5 Published Jun 01, 2018

CVE-2018-8910

Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

MEDIUM CVSS 6.5 Published May 10, 2018