This page lists publicly disclosed CVE vulnerabilities affecting synology media_server (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-4464 | Authorization bypass through user-controlled key vulnerability in streaming service in Synology Media Server before 1.4-2680, 2.0.5-3152 and 2.2.0-3325 allows remote attackers to read specific files via unspecified vectors. | [email protected] | 7.5 | 0.53% | 2024-12-18 | 2026-06-17 |
| CVE-2022-27614 | Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors. | [email protected] | 5.3 | 0.76% | 2022-07-28 | 2026-06-17 |
| CVE-2022-22683 | Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors. | [email protected] | 10.0 | 1.27% | 2022-07-28 | 2026-06-17 |
| CVE-2021-34808 | Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors. | [email protected] | 5.8 | 1.02% | 2021-06-17 | 2026-06-16 |
| CVE-2021-33180 | Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | [email protected] | 7.3 | 0.99% | 2021-06-01 | 2026-06-16 |
| CVE-2018-8914 | SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter. | [email protected] | 7.3 | 1.31% | 2018-05-10 | 2026-06-16 |