cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-41289,https://securityvulnerability.io/vulnerability/CVE-2023-41289,QcalAgent,"An OS command injection vulnerability has been identified in QcalAgent, which enables authenticated users to execute arbitrary commands through network interaction. This security flaw poses a risk of unauthorized control over systems if exploited. To mitigate this vulnerability, users are advised to upgrade to QcalAgent version 1.1.8 or later, where the issue has been resolved. Ensuring timely updates can significantly enhance the security posture against such vulnerabilities.",QNAP,QcalAgent,6.3,MEDIUM,0.0011099999537691474,false,false,false,false,,false,false,2024-01-05T17:15:00.000Z,0
CVE-2021-38677,https://securityvulnerability.io/vulnerability/CVE-2021-38677,Reflected XSS Vulnerability in QcalAgent,"A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later",QNAP,Qcalagent,5.3,MEDIUM,0.001120000029914081,false,false,false,false,,false,false,2022-01-14T01:15:00.000Z,0
CVE-2021-38678,https://securityvulnerability.io/vulnerability/CVE-2021-38678,Open Redirect Vulnerability in QcalAgent,"An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later",QNAP,Qcalagent,6.1,MEDIUM,0.000750000006519258,false,false,false,false,,false,false,2022-01-14T01:15:00.000Z,0