Every CVE whose affected-product data names Synology Media Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-22683 — CVSS 10.0 (critical): Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before…
CVE-2024-4464 — CVSS 7.5 (high): Authorization bypass through user-controlled key vulnerability in streaming service in Synology Media Server before 1.4-2680, 2.0.5-3152…
CVE-2018-8914 — CVSS 7.3 (high): SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute…
CVE-2021-33180 — CVSS 7.3 (high): Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media…
CVE-2021-34808 — CVSS 5.8 (medium): Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to…
CVE-2022-27614 — CVSS 5.3 (medium): Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows…