Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-27620 | 1 Synology | 2 Diskstation Manager, Sso Server | 2024-11-21 | N/A | 6.8 MEDIUM |
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology SSO Server before 2.2.3-0331 allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
CVE-2017-16775 | 1 Synology | 1 Sso Server | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors. |