CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Synology: >> Ssl Vpn Client Security Vulnerabilities

CVE-2023-5748

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.

CVSS Score

3.3

EPSS Score

0.001

Published

2023-11-07

CVE-2018-13283

Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.

CVSS Score

8.8

EPSS Score

0.003

Published

2019-04-01

CVE-2018-8929

Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload.

CVSS Score

7.3

EPSS Score

0.002

Published

2018-07-06

Page 1

Vulnerabilities

Vulnerable Software

Synology: >> Ssl Vpn Client Security Vulnerabilities

Products

Pricing

Contact Us