| 502534 | Qnap QTS Stack-based Buffer Overflow (CVE-2023-51367) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 504958 | Qnap QTS and QuTS Hero Improper Neutralization of Special Elements used in a Command (CVE-2025-22481) | Tenable OT Security | Tenable.ot | 1/16/2026 | 2/6/2026 | high |
| 502486 | Qnap QTS Cross-site Scripting (CVE-2018-19953) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 502490 | Qnap QTS Classic Buffer Overflow (CVE-2023-41275) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502499 | Qnap QTS OS Command Injection (CVE-2023-41281) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502504 | Qnap QTS Cross-site Scripting (CVE-2018-19943) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 502509 | Qnap QTS OS Command Injection (CVE-2023-23367) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502564 | Qnap QTS OS Command Injection (CVE-2023-23369) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 502596 | Qnap QTS Classic Buffer Overflow (CVE-2023-45039) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502619 | Qnap QTS Classic Buffer Overflow (CVE-2023-32968) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502625 | Qnap QTS Unchecked Return Value (CVE-2023-50359) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 502635 | Qnap QTS Cross-site Scripting (CVE-2018-0716) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 502498 | Qnap QTS and myQNAPcloud SQL Injection (CVE-2024-21901) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 502549 | Qnap QuTS hero Cross-site Scripting (CVE-2020-2497) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 502561 | Qnap Multiple Operating Systems Command Injection (CVE-2023-23355) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502562 | Qnap QTS Bash OS Command Injection (CVE-2014-7169) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 502513 | Qnap QES Cross-site Scripting (CVE-2020-2503) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 505141 | Qnap QTS and QuTS hero Buffer Copy without Checking Size of Input (CVE-2025-48725) | Tenable OT Security | Tenable.ot | 2/12/2026 | 2/13/2026 | low |
| 502638 | Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17033) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 502533 | Qnap QTS Path Traversal (CVE-2023-45027) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 502536 | Qnap QTS Command Injection (CVE-2018-19949) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 502547 | Qnap QTS Link Following (CVE-2021-44052) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502554 | Qnap QTS Command Injection (CVE-2018-14746) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 502557 | Qnap QTS Command Injection (CVE-2021-44051) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502517 | Qnap QTS Improper Authentication (CVE-2024-21899) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 504823 | Qnap QTS and QuTS hero Path Traversal (CVE-2025-30270) | Tenable OT Security | Tenable.ot | 12/9/2025 | 2/25/2026 | medium |
| 504825 | Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-29882) | Tenable OT Security | Tenable.ot | 12/9/2025 | 2/25/2026 | medium |
| 504832 | Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50403) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | low |
| 504836 | Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50400) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | low |
| 504838 | Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50399) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | low |
| 504980 | Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-48729) | Tenable OT Security | Tenable.ot | 1/16/2026 | 2/6/2026 | medium |
| 505031 | Qnap QTS and QuTS hero Improper Limitation of a Pathname to a Restricted Directory (CVE-2025-59381) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 502535 | Qnap QTS Cross-site Scripting (CVE-2015-5664) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 504827 | Qnap QTS and QuTS hero Command Injection (CVE-2025-30264) | Tenable OT Security | Tenable.ot | 12/9/2025 | 2/25/2026 | high |
| 504978 | Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-47214) | Tenable OT Security | Tenable.ot | 1/16/2026 | 2/6/2026 | medium |
| 505139 | Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-59386) | Tenable OT Security | Tenable.ot | 2/12/2026 | 2/13/2026 | medium |
| 502552 | Qnap QTS Improper Input Validation (CVE-2019-7193) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 502640 | Qnap QTS Heap-based Buffer Overflow (CVE-2024-32763) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502519 | Qnap QTS Bash OS Command Injection (CVE-2014-6271) | Tenable OT Security | Tenable.ot | 10/16/2024 | 4/21/2026 | critical |
| 502491 | Qnap Multiple Vulnerabilities in QTS, QuTS hero and QuTScloud (CVE-2023-47218) | Tenable OT Security | Tenable.ot | 10/16/2024 | 12/12/2025 | high |
| 502497 | Qnap QES Generation of Error Message Containing Sensitive Information (CVE-2020-2505) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | low |
| 502590 | Qnap Multiple Vulnerabilities in QTS, QuTS hero and QuTScloud (CVE-2023-50358) | Tenable OT Security | Tenable.ot | 10/16/2024 | 2/14/2026 | medium |
| 502620 | Qnap QTS Path Traversal (CVE-2013-7174) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 504830 | Qnap QTS and QuTS hero Improper Authentication (CVE-2024-48859) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | medium |
| 502537 | Qnap QES Path Traversal (CVE-2020-2504) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | high |
| 502489 | Qnap QTS Command Injection (CVE-2018-0730) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 505005 | Qnap QTS and QuTS hero Authentication Bypass by Spoofing (CVE-2025-59385) | Tenable OT Security | Tenable.ot | 1/19/2026 | 2/5/2026 | critical |
| 505012 | Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52426) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 504833 | Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50396) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | high |
| 504843 | Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2024-37042) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | medium |
