Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Synology Subscribe
Filtered by product Drive
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-8910 1 Synology 1 Drive 2019-10-09 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.
CVE-2018-8921 1 Synology 1 Drive 2019-10-09 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast in Synology Drive before 1.0.2-10275 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name.
CVE-2018-8922 1 Synology 1 Drive 2019-10-09 4.0 MEDIUM 6.5 MEDIUM
Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticated users to access non-shared files or folders via unspecified vectors.
CVE-2018-13297 1 Synology 1 Drive 2019-10-09 5.0 MEDIUM 5.3 MEDIUM
Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter.