Total CVEs

142,250

Critical Severity

3,947

High Severity

14,209

Last 7 Days

1,911
Quick preset (or use dates below)
Clear Filters
Showing 11,981 - 12,000 of 14,674 CVEs
CVE-2025-62854 MEDIUM - 6.5

An uncontrolled resource consumption vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Statio...

Vendor: QNAP Systems Inc.
Product: File Station 5
Published: Feb 11, 2026
Source: NVD
CVE-2025-62853 MEDIUM - 6.5

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5...

Vendor: QNAP Systems Inc.
Product: File Station 5
Published: Feb 11, 2026
Source: NVD
CVE-2025-59386 MEDIUM - 4.9

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the follow...

Vendor: QNAP Systems Inc.
Product: QuTS hero
Published: Feb 11, 2026
Source: NVD
CVE-2025-58472 MEDIUM - 4.9

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Centra...

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-58471 MEDIUM - 4.9

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource....

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-58470 MEDIUM - 6.5

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0...

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-58467 MEDIUM - 6.5

A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Cent...

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-58466 MEDIUM - 4.9

A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have already ...

Vendor: QNAP Systems Inc.
Product: QTS, QuTS hero
Published: Feb 11, 2026
Source: NVD
CVE-2025-57711 MEDIUM - 4.9

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource....

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-57710 MEDIUM - 4.9

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource....

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-57708 MEDIUM - 6.5

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have ...

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-54170 MEDIUM - 6.5

An out-of-bounds read vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-54169 MEDIUM - 6.5

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later

Vendor: QNAP Systems Inc.
Product: File Station 5
Published: Feb 11, 2026
Source: NVD
CVE-2025-54163 MEDIUM - 4.9

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Statio...

Vendor: QNAP Systems Inc.
Product: File Station 5
Published: Feb 11, 2026
Source: NVD
CVE-2025-54162 MEDIUM - 4.9

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Sta...

Vendor: QNAP Systems Inc.
Product: File Station 5
Published: Feb 11, 2026
Source: NVD
CVE-2025-54161 MEDIUM - 4.9

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource...

Vendor: QNAP Systems Inc.
Product: File Station 5
Published: Feb 11, 2026
Source: NVD
CVE-2025-54155 MEDIUM - 4.9

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource...

Vendor: QNAP Systems Inc.
Product: File Station 5
Published: Feb 11, 2026
Source: NVD
CVE-2025-54152 MEDIUM - 6.5

A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read sensitive portions of memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0....

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-54151 MEDIUM - 5.5

An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central...

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD
CVE-2025-54150 MEDIUM - 5.5

An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central...

Vendor: QNAP Systems Inc.
Product: Qsync Central
Published: Feb 11, 2026
Source: NVD