CyberAlerts

CVE-2025-29873

Description: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS: MEDIUM (5.3)

EPSS Score: 0.08%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2025-29872

File Station 5

Description: An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS: HIGH (7.1)

EPSS Score: 0.08%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2025-29871

File Station 5

Description: An out-of-bounds read vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS: LOW (2.4)

EPSS Score: 0.01%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2025-22490

File Station 5

Description: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS: MEDIUM (5.3)

EPSS Score: 0.08%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2025-22486

File Station 5

Description: An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4791 and later and later

CVSS: HIGH (7.1)

EPSS Score: 0.05%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2025-22484

File Station 5

Description: An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS: HIGH (7.1)

EPSS Score: 0.11%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2025-22482

Qsync Central

Description: A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.6 ( 2025/03/20 ) and later

CVSS: LOW (2.3)

EPSS Score: 0.16%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2025-22481

QTS, QuTS hero

Description: A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later

CVSS: HIGH (8.7)

EPSS Score: 0.56%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2024-56805

QTS, QuTS hero

Description: A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later

CVSS: MEDIUM (5.3)

EPSS Score: 0.1%

Source: CVE

June 6th, 2025 (22 days ago)

CVE-2024-50406

License Center

Description: A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: License Center 1.9.49 and later

CVSS: LOW (2.0)

EPSS Score: 0.1%

Source: CVE

June 6th, 2025 (22 days ago)

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-29873	File Station 5 Description: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later CVSS: MEDIUM (5.3) EPSS Score: 0.08% Source: CVE June 6th, 2025 (22 days ago)
CVE-2025-29872	File Station 5 Description: An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later CVSS: HIGH (7.1) EPSS Score: 0.08% Source: CVE June 6th, 2025 (22 days ago)
CVE-2025-29871	File Station 5 Description: An out-of-bounds read vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later CVSS: LOW (2.4) EPSS Score: 0.01% Source: CVE June 6th, 2025 (22 days ago)
CVE-2025-22490	File Station 5 Description: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later CVSS: MEDIUM (5.3) EPSS Score: 0.08% Source: CVE June 6th, 2025 (22 days ago)
CVE-2025-22486	File Station 5 Description: An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4791 and later and later CVSS: HIGH (7.1) EPSS Score: 0.05% Source: CVE June 6th, 2025 (22 days ago)
CVE-2025-22484	File Station 5 Description: An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later CVSS: HIGH (7.1) EPSS Score: 0.11% Source: CVE June 6th, 2025 (22 days ago)
CVE-2025-22482	Qsync Central Description: A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.6 ( 2025/03/20 ) and later CVSS: LOW (2.3) EPSS Score: 0.16% Source: CVE June 6th, 2025 (22 days ago)
CVE-2025-22481	QTS, QuTS hero Description: A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later CVSS: HIGH (8.7) EPSS Score: 0.56% Source: CVE June 6th, 2025 (22 days ago)
CVE-2024-56805	QTS, QuTS hero Description: A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later CVSS: MEDIUM (5.3) EPSS Score: 0.1% Source: CVE June 6th, 2025 (22 days ago)
CVE-2024-50406	License Center Description: A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: License Center 1.9.49 and later CVSS: LOW (2.0) EPSS Score: 0.1% Source: CVE June 6th, 2025 (22 days ago)