Vulnerabilities (CVE)

Filtered by vendor Synology Subscribe
Filtered by product Sso Server
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27620 1 Synology 2 Diskstation Manager, Sso Server 2024-11-21 N/A 6.8 MEDIUM
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology SSO Server before 2.2.3-0331 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVE-2017-16775 1 Synology 1 Sso Server 2024-11-21 5.8 MEDIUM 7.1 HIGH
Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors.