The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Synology DiskStation Manager

threat announce CVE-2017-5482 CVE-2017-5483 CVE-2017-5484

tcpdump: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 5.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21705.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)

threat note CVE-2017-5341 CVE-2017-5342

tcpdump: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2017-5341, CVE-2017-5342, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21704.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-5202 CVE-2017-5203 CVE-2017-5204

tcpdump: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21703.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)

weakness note CVE-2016-8574 CVE-2016-8575

tcpdump: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2016-8574, CVE-2016-8575, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21701.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)

computer threat announce CVE-2016-7922 CVE-2016-7923 CVE-2016-7924

tcpdump: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 28.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, K04225025, K31997425, K39512927, K49144112, K55129614, K72403108, K77384526, K94010578, K94778122, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21700.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)

computer threat CVE-2016-10033

PHPMailer: code execution

Synthesis of the vulnerability

An attacker can use a vulnerability of PHPMailer, in order to run code.
Severity: 3/4.
Creation date: 29/12/2016.
Revision date: 27/01/2017.
Identifiers: CVE-2016-10033, DLA-770-1, DLA-770-2, DRUPAL-SA-CONTRIB-2017-005, DRUPAL-SA-PSA-2016-004, DSA-3750-1, DSA-3750-2, FEDORA-2016-6941d25875, FEDORA-2017-c3dc97e1e1, K74977440, VIGILANCE-VUL-21463.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use a vulnerability of PHPMailer, in order to run code.
Full Vigil@nce bulletin... (Free trial)

weakness announce CVE-2017-5223

PHPMailer: directory traversal via msgHTML

Synthesis of the vulnerability

An attacker can traverse directories via msgHTML() of PHPMailer, in order to read a file outside the service root path.
Severity: 2/4.
Creation date: 18/01/2017.
Identifiers: CVE-2017-5223, DLA-1591-1, DLA-1591-2, DLA-817-1, FEDORA-2017-c3dc97e1e1, VIGILANCE-VUL-21604.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can traverse directories via msgHTML() of PHPMailer, in order to read a file outside the service root path.
Full Vigil@nce bulletin... (Free trial)

computer weakness bulletin CVE-2017-5340

PHP: memory corruption via unserialize

Synthesis of the vulnerability

An attacker can generate a memory corruption via unserialize of PHP, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 12/01/2017.
Identifiers: 73832, CVE-2017-5340, openSUSE-SU-2017:0588-1, RHSA-2018:1296-01, SUSE-SU-2017:0534-1, USN-3211-1, USN-3211-2, VIGILANCE-VUL-21565.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption via unserialize of PHP, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

security note CVE-2016-10045

PHPMailer: code execution

Synthesis of the vulnerability

An attacker can use a vulnerability of PHPMailer, in order to run code.
Severity: 3/4.
Creation date: 29/12/2016.
Revision date: 04/01/2017.
Identifiers: CVE-2016-10045, FEDORA-2016-6941d25875, FEDORA-2017-c3dc97e1e1, K73926196, TYPO3-EXT-SA-2017-004, TYPO3-EXT-SA-2017-005, TYPO3-EXT-SA-2017-006, VIGILANCE-VUL-21482.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use a vulnerability of PHPMailer, in order to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-8707

ImageMagick: buffer overflow via convert

Synthesis of the vulnerability

An attacker can generate a buffer overflow via convert of ImageMagick, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 09/12/2016.
Identifiers: CVE-2016-8707, DLA-756-1, DSA-3799-1, FEDORA-2017-3a568adb31, FEDORA-2017-8f27031c8f, openSUSE-SU-2016:3233-1, openSUSE-SU-2017:0023-1, SUSE-SU-2016:3258-1, TALOS-2016-0216, USN-3222-1, VIGILANCE-VUL-21344.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via convert of ImageMagick, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Synology DiskStation Manager: