RSS feeds from official Synology site regarding product security updates.
A vulnerability allows remote attackers to inject arbitrary web script or HTML via a susceptible version of Drupal.
Continue reading...
- - -...
A vulnerability allows remote attackers to obtain sensitive information via a susceptible version of Synology Router Manager (SRM) that is...
A vulnerability allows remote attackers to execute arbitrary code via a susceptible version of DiskStation Manager (DSM) or Synology Router...
Multiple vulnerabilities allow remote authenticated users to bypass security constraints via a susceptible version of Synology Directory Server or...
A vulnerability allows remote authenticated users to upload arbitrary files via a susceptible version of Drupal.
Continue reading...
- - -...
A vulnerability allows local users to conduct denial-of-service attacks, obtain sensitive information, or conduct privilege escalation attacks via...
Multiple vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML or bypass security constraint via a susceptible...
CVE-2019-14861 and CVE-2019-11479 allow remote authenticated users to conduct denial-of-service attacks or bypass security constraints via a...
None of Synology products are affected by CVE-2019-6477 as this vulnerability only affect ISC BIND 9.11.0 and later.
Continue reading...
- - -...
A vulnerability allows remote attackers to conduct denial-of-service attacks via a susceptible version of Synology Assistant.
Continue reading...
Multiple vulnerabilities allow remote authenticated users to execute arbitrary commands or conduct denial-of-service attacks, or allow remote...
CVE-2019-11043 allows remote attackers to execute arbitrary code via a susceptible version of PHP 7.2, or PHP 7.3.
Continue reading...
- - -...
These vulnerabilities allow remote attackers to bypass security constraints via a susceptible version of DiskStation Manager (DSM), Synology...
These vulnerabilities allow remote attackers to inject arbitrary web script or HTML, obtain sensitive information, or access intranet resources...
CVE-2019-9511, CVE-2019-9513 and CVE-2019-9516 allow remote attackers to conduct denial-of-service attacks via a susceptible version of...
The vulnerability allows local users to obtain sensitive information via a susceptible version of Synology DiskStation Manager (DSM) running on an...
A vulnerability allows remote authenticated users to set a new password without verification via a susceptible version of Synology Router Manager...
None of Synology products are affected by CVE-2019-6342 as this vulnerability only affects Drupal 8.7.4.
Continue reading...
- - -
Source...
None of Synology products are affected by CVE-2019-10072 as the vulnerability only affects Tomcat 8.5 and later.
Continue reading...
- - -...
CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479 allow remote attackers to conduct denial-of-service attacks via a susceptible version of...
