GCVE - cpe:2.3:a:qnap_systems_inc.:license_center:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:qnap_systems_inc.:license_center:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Qnap Systems Inc. (`1f66ac1e-0889-51bf-b27f-24c7175e5920`)
Product	License Center (`fd3a46aa-4fcc-5618-a1f0-3345c31000ee`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-53597`	vulnerable	2026-06-03 15:03:54.363587	License Center A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later Published: 2026-01-02T15:18:41.520Z Updated: 2026-01-02T19:11:27.286Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-25-52	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-52871`	vulnerable	2026-06-03 15:03:52.629405	License Center An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later Published: 2026-01-02T15:18:17.036Z Updated: 2026-01-02T19:12:32.718Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-25-52	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-22483`	vulnerable	2026-06-03 14:59:40.084806	License Center A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: License Center 1.8.51 and later License Center 1.9.51 and later Published: 2025-08-29T17:04:00.836Z Updated: 2025-08-29T17:14:55.555Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-25-27	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-50406`	vulnerable	2026-06-03 14:57:24.208778	License Center A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: License Center 1.9.49 and later Published: 2025-06-06T15:53:24.123Z Updated: 2025-06-06T16:35:29.587Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-25-11	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-48863`	vulnerable	2026-06-03 14:57:10.336206	License Center A command injection vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following version: License Center 1.9.43 and later Published: 2024-12-06T16:36:52.105Z Updated: 2024-12-06T19:32:20.048Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-24-50	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.