Vulnerabilities (CVE)

Filtered by vendor Synology Subscribe

Filtered by product Drive Client

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-49037	1 Synology	1 Drive Client	2024-10-08	N/A	6.5 MEDIUM
Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVE-2022-49038	1 Synology	1 Drive Client	2024-10-08	N/A	7.8 HIGH
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.
CVE-2022-49039	1 Synology	1 Drive Client	2024-10-08	N/A	6.7 MEDIUM
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors.
CVE-2022-49040	1 Synology	1 Drive Client	2024-10-08	N/A	4.4 MEDIUM
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.
CVE-2022-49041	1 Synology	1 Drive Client	2024-10-08	N/A	4.4 MEDIUM
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors.
CVE-2023-52946	1 Synology	1 Drive Client	2024-10-08	N/A	8.2 HIGH
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial buffers and crash the client via unspecified vectors.