Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Synology Subscribe

Filtered by product Office

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-11828	1 Synology	1 Office	2023-01-30	3.5 LOW	5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in Chart in Synology Office before 3.1.4-2771 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-8924	1 Synology	1 Office	2019-10-09	3.5 LOW	5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in Title Tootip in Synology Office before 3.0.3-2143 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name.
CVE-2017-11150	1 Synology	1 Office	2019-10-02	6.5 MEDIUM	7.8 HIGH
Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents.