Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

qsync_central

Source -

NVDADP

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

60
Related CVEsRelated VendorsRelated AssignersReports
60Vulnerabilities found
CVE-2025-30275
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 35.62%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:16
Updated-19 Sep, 2025 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30263
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 35.62%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:15
Updated-19 Sep, 2025 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0 ( 2025/06/13 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30262
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 35.62%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:15
Updated-19 Sep, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0 ( 2025/06/13 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-30261
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.15% / 35.92%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:15
Updated-19 Sep, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0 ( 2025/06/13 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-30260
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.15% / 35.92%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:15
Updated-19 Sep, 2025 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-29898
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.15% / 35.92%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:15
Updated-19 Sep, 2025 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-29894
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.12%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:15
Updated-19 Sep, 2025 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-29893
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.12%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:14
Updated-19 Sep, 2025 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-50404
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-40.67% / 97.27%
||
7 Day CHG~0.00%
Published-06 Dec, 2024 | 16:35
Updated-10 Dec, 2025 | 21:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: Qsync Central 4.4.0.16_20240819 ( 2024/08/19 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-47564
Assigner-QNAP Systems, Inc.
ShareView Details
Assigner-QNAP Systems, Inc.
CVSS Score-8||HIGH
EPSS-6.90% / 91.19%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 16:05
Updated-29 Aug, 2024 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync Central 4.4.0.15 ( 2024/01/04 ) and later Qsync Central 4.3.0.11 ( 2024/01/11 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Centralqsync_central
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
  • Previous
  • 1
  • 2
  • Next