Approved changes feed: RSS · Atom
cpe:2.3:a:qnap_systems_inc.:qvr:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Qnap Systems Inc. (1f66ac1e-0889-51bf-b27f-24c7175e5920) |
|---|---|
| Product | Qvr (adf4adca-c199-5d62-baf6-a6df75be0564) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-34974 |
not_vulnerable | 2026-06-03 14:52:17.472042 |
QTS, QuTS hero, QuTScloud, QVR, QES
HIGH (8.8)
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.
QuTScloud, QVR, QES are not affected.
We have already fixed the vulnerability in the following versions:
QTS 4.5.4.2790 build 20240605 and later
QuTS hero h4.5.4.2626 build 20231225 and later
Published: 2024-09-06T16:27:27.244Z
Updated: 2024-09-06T17:41:58.365Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-27588 |
vulnerable | 2026-06-03 14:46:47.543376 |
Vulnerability in QVR
CRITICAL (9.8)
We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.6 build 20220401 and later
Published: 2022-05-05T16:50:30.497Z
Updated: 2024-09-16T20:21:49.914Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38686 |
vulnerable | 2026-06-03 14:45:07.891436 |
Improper Authentication Vulnerability in VioStor
HIGH (8.8)
An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later
Published: 2021-11-26T14:00:14.527Z
Updated: 2024-09-16T20:16:15.429Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38685 |
vulnerable | 2026-06-03 14:45:07.890489 |
Command Injection Vulnerability in VioStor
CRITICAL (9.8)
A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later
Published: 2021-11-26T14:00:13.130Z
Updated: 2024-09-17T02:46:41.057Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34352 |
vulnerable | 2026-06-03 14:44:44.744045 |
Command Injection Vulnerability in QVR
HIGH (7.2)
A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210902 and later
Published: 2021-10-01T02:50:14.803Z
Updated: 2024-09-17T00:01:13.681Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34351 |
vulnerable | 2026-06-03 14:44:44.743691 |
Command Injection Vulnerability in QVR
CRITICAL (9.8)
A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210803 and later
Published: 2021-09-27T00:45:24.485Z
Updated: 2024-09-16T22:45:09.320Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34349 |
vulnerable | 2026-06-03 14:44:44.743332 |
Command Injection Vulnerability in QVR
HIGH (7.2)
A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210803 and later
Published: 2021-09-27T00:45:23.028Z
Updated: 2024-09-17T00:56:42.411Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34348 |
vulnerable | 2026-06-03 14:44:44.741941 |
Command Injection Vulnerability in QVR
CRITICAL (9.8)
A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210803 and later
Published: 2021-09-27T00:45:21.425Z
Updated: 2024-09-16T22:21:18.959Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.