Dsm
This hub aggregates every CVE we track for Dsm, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH2LOW1
Monthly trend
0
0
0
2
0
0
0
0
1
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Dsm.
- CVE-2024-38648A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent network to decrypt sensitive data including user credentials.5.7
- CVE-2025-1845ESAFENET DSM examExportPDF command injection6.3
- CVE-2024-29213Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.7.8
- CVE-2024-29821Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.7.8
- CVE-2010-3684The FTP authentication module in Synology Disk Station 2.x logs passwords to the web application interface in cases of incorrect login attempts, which allows local users to obtain sensitive informa...2.1
- CVE-2010-2453Multiple cross-site scripting (XSS) vulnerabilities in Synology Disk Station 2.x before DSM3.0-1337 allow remote attackers to inject arbitrary web script or HTML by connecting to the FTP server and...4.3
Product normalization is registry-driven with AI assist and human review. How it works