Qvpn Device Client For Mac

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:qnap_systems_inc.:qvpn_device_client_for_mac:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorQnap Systems Inc. (1f66ac1e-0889-51bf-b27f-24c7175e5920)
ProductQvpn Device Client For Mac (cacd536c-c256-5b1c-a584-d3a99d37ac69)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-53594 vulnerable 2026-06-03 15:03:54.361734 Qfinder Pro, Qsync, QVPN
A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Qfinder Pro Mac 7.13.0 and later Qsync for Mac 5.1.5 and later QVPN Device Client for Mac 2.2.8 and later
Published: 2026-01-02T15:18:26.356Z
Updated: 2026-01-02T19:12:02.094Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-53694 vulnerable 2026-06-03 14:57:39.904587 QVPN Device Client, Qsync, Qfinder Pro
A time-of-check time-of-use (TOCTOU) race condition vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local attackers who have gained user access to gain access to otherwise unauthorized resources. We have already fixed the vulnerability in the following versions: QVPN Device Client for Mac 2.2.5 and later Qsync for Mac 5.1.3 and later Qfinder Pro Mac 7.11.1 and later
Published: 2025-03-07T16:13:36.014Z
Updated: 2025-03-07T17:55:30.126Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.