Synology Drive Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Synology Drive Server.
By the Year
In 2025 there have been 0 vulnerabilities in Synology Drive Server. Drive Server did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 1 | 5.30 |
2018 | 3 | 5.77 |
It may take a day or so for new Drive Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Synology Drive Server Security Vulnerabilities
Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562
CVE-2018-13297
5.3 - Medium
- April 01, 2019
Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter.
Information Disclosure
Improper access control vulnerability in Synology Drive before 1.0.2-10275
CVE-2018-8922
6.5 - Medium
- June 01, 2018
Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticated users to access non-shared files or folders via unspecified vectors.
Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast in Synology Drive before 1.0.2-10275
CVE-2018-8921
5.4 - Medium
- June 01, 2018
Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast in Synology Drive before 1.0.2-10275 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name.
XSS
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253
CVE-2018-8910
5.4 - Medium
- May 10, 2018
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Synology Drive Server or by Synology? Click the Watch button to subscribe.