VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
Multiple vulnerabilities allow remote authenticated users with administrator privileges to read/write/delete specific files. Affected product named by the advisory: Active Backup.
An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server. Affected products named by the advisory: C2. Affected products named by the advisory: C2.
Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name (DN).
Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors.
Synology has released a security update for the Synology SSL VPN Client utility to address vulnerabilities: CVE-2021-47960 allows remote attackers to access sensitive files from the SSL VPN Client installation directory via a local HTTP service when a user interacts with a crafted web page. CVE-2021-47961 allows remote attackers to obtain or manipulate the PIN code in SSL VPN Client, potentially leading to unauthorized VPN configuration and traffic interception when a user interacts with a crafted web page. Please refer to the