Every CVE whose affected-product data names Synology Calendar, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2019-11829 — CVSS 7.3 (high): OS command injection vulnerability in drivers_syno_import_user.php in Synology Calendar before 2.3.1-0617 allows remote attackers to…
CVE-2018-8915 — CVSS 6.5 (medium): Cross-site scripting (XSS) vulnerability in Notification Center in Synology Calendar before 2.1.1-0502 allows remote authenticated users to…
CVE-2017-15891 — CVSS 6.5 (medium): Improper access control vulnerability in SYNO.Cal.EventBase in Synology Calendar before 2.0.1-0242 allows remote authenticated users to…
CVE-2019-11825 — CVSS 6.5 (medium): Cross-site scripting (XSS) vulnerability in Event Editor in Synology Calendar before 2.3.0-0615 allows remote attackers to inject arbitrary…
CVE-2022-22682 — CVSS 6.5 (medium): Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Event Management in Synology Calendar…
CVE-2022-22686 — CVSS 6.5 (medium): Cross-Site Request Forgery (CSRF) vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated…
CVE-2021-34812 — CVSS 5.8 (medium): Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain…
CVE-2019-11820 — CVSS 5.5 (medium): Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain…
CVE-2018-8927 — CVSS 5.4 (medium): Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows remote authenticated users to create arbitrary…
CVE-2022-27617 — CVSS 5.0 (medium): Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Calendar…
CVE-2018-13299 — CVSS 4.3 (medium): Relative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to…