|
671
|
7.2 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to e…
Update
|
CWE-78
OS Command
|
CVE-2026-24719
|
2026-06-16 03:33 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
672
|
7.2 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerabili…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-24716
|
2026-06-16 03:33 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
673
|
7.2 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to e…
Update
|
CWE-78
OS Command
|
CVE-2026-22893
|
2026-06-16 03:33 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
674
|
7.2 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-66281
|
2026-06-16 03:32 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
675
|
7.2 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to e…
Update
|
CWE-78
OS Command
|
CVE-2025-66279
|
2026-06-16 03:32 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
676
|
7.2 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to e…
Update
|
CWE-78
OS Command
|
CVE-2025-66273
|
2026-06-16 03:32 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
677
|
7.2 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vuln…
Update
|
CWE-121
CWE-190
Stack-based Buffer Overflow
Integer Overflow or Wraparound
|
CVE-2025-66280
|
2026-06-16 03:32 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
678
|
5.3 |
MEDIUM
Network
|
openssl
|
openssl
|
Issue Summary: An error in the callback used to verify the certificate
provided in a Root CA key update Certificate Management Protocol (CMP)
message response rendered the certificate validation inef…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2026-42769
|
2026-06-16 03:26 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
679
|
7.5 |
HIGH
Network
|
openssl
|
openssl
|
Issue summary: Receiving a QUIC initial packet with an invalid token may
trigger a NULL pointer dereference in the OpenSSL QUIC server with
address validation disabled.
Impact summary: NULL pointer …
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-42764
|
2026-06-16 03:25 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
680
|
5.9 |
MEDIUM
Network
|
openssl
|
openssl
|
Issue summary: A specially crafted password-encrypted CMS message
can trigger a NULL pointer dereference during CMS decryption.
Impact summary: This NULL pointer dereference leads to an application …
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-42766
|
2026-06-16 03:25 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
