Synology Skynas_firmware

13 CVEs affecting Synology Skynas_firmware. Latest disclosed: 2021-02-26. Critical: 3, High: 8.

Top CVEs affecting Synology Skynas_firmware
CVE	Severity	Score	Published	Summary
`CVE-2021-26562`	Critical	`9.0`	2021-02-26	Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execut…
`CVE-2021-26561`	Critical	`9.0`	2021-02-26	Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers t…
`CVE-2021-26560`	Critical	`9.0`	2021-02-26	Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-th…
`CVE-2021-26566`	High	`8.3`	2021-02-26	Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-midd…
`CVE-2021-26565`	High	`8.3`	2021-02-26	Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle…
`CVE-2021-26564`	High	`8.3`	2021-02-26	Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle…
`CVE-2020-27652`	High	`8.3`	2020-10-29	Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof server…
`CVE-2020-27648`	High	`8.3`	2020-10-29	Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers t…
`CVE-2021-26563`	High	`8.2`	2021-02-26	Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary co…
`CVE-2021-26567`	High	`7.8`	2021-02-26	Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname…
`CVE-2021-3156`	High	`7.8`	2021-01-26	Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" a…
`CVE-2019-3870`	Medium	`6.1`	2019-04-09	A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are create…
`CVE-2020-27650`	Medium	`5.8`	2020-10-29	Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remo…