Notes Station 3
Approved changes feed: RSS · Atom
cpe:2.3:a:qnap_systems_inc.:notes_station_3:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Qnap Systems Inc. (1f66ac1e-0889-51bf-b27f-24c7175e5920) |
|---|---|
| Product | Notes Station 3 (46df9963-6916-5e5f-86ab-0918d4782e84) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-38646 |
vulnerable | 2026-06-03 14:56:19.195170 |
Notes Station 3
An incorrect permission assignment for critical resource vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow local authenticated attackers who have gained administrator access to read or modify the resource.
We have already fixed the vulnerability in the following version:
Notes Station 3 3.9.7 and later
Published: 2024-11-22T15:32:20.386Z
Updated: 2024-11-22T16:49:50.421Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38645 |
vulnerable | 2026-06-03 14:56:19.194761 |
Notes Station 3
A server-side request forgery (SSRF) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to read application data.
We have already fixed the vulnerability in the following version:
Notes Station 3 3.9.7 and later
Published: 2024-11-22T15:32:26.439Z
Updated: 2024-11-22T16:52:01.922Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38644 |
vulnerable | 2026-06-03 14:56:19.194333 |
Notes Station 3
An OS command injection vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to execute commands.
We have already fixed the vulnerability in the following version:
Notes Station 3 3.9.7 and later
Published: 2024-11-22T15:32:31.923Z
Updated: 2024-11-22T16:50:56.156Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38643 |
vulnerable | 2026-06-03 14:56:19.193086 |
Notes Station 3
A missing authentication for critical function vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote attackers to gain access to and execute certain functions.
We have already fixed the vulnerability in the following version:
Notes Station 3 3.9.7 and later
Published: 2024-11-22T15:32:38.356Z
Updated: 2024-11-22T16:51:35.154Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27126 |
vulnerable | 2026-06-03 14:55:16.682412 |
Notes Station 3
MEDIUM (6.3)
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following versions:
Notes Station 3 3.9.6 and later
Published: 2024-09-06T16:26:37.078Z
Updated: 2024-09-06T17:50:39.130Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27122 |
vulnerable | 2026-06-03 14:55:16.669402 |
Notes Station 3
MEDIUM (6.3)
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following versions:
Notes Station 3 3.9.6 and later
Published: 2024-09-06T16:26:32.362Z
Updated: 2024-09-06T17:27:22.814Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.