Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Synology Subscribe
Filtered by product Audio Station
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27612 1 Synology 1 Audio Station 2023-01-24 N/A 9.8 CRITICAL
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2022-27611 1 Synology 1 Audio Station 2022-08-03 N/A 8.1 HIGH
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Audio Station before 6.5.4-3367 allows remote authenticated users to delete arbitrary files via unspecified vectors.
CVE-2017-15888 1 Synology 1 Audio Station 2019-10-09 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in Custom Internet Radio List in Synology Audio Station before 6.3.0-3260 allows remote authenticated attackers to inject arbitrary web script or HTML via the NAME parameter.
CVE-2015-9104 1 Synology 1 Audio Station 2019-10-09 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the album title.