Disclosure List

Product	Title	CVE	Advisory	Report
Synology - Surveillance Station	Arbitrary Picture Download			Report
Synology - Photo Station	Privilege Escalation and CSRF			Report
Synology - Moments	Root command execution
Synology - Calendar	Unauthenticated Command Execution
Synology - Safe Access	Multiple Vulnerabilities			Report
Synology SRM	Reset router with a user account
SoPlanning	Sharing Key Bypass			Report
QNAP - VideoStation	User RCE as Root
QNAP - Helpdesk	User enable access to SSH as root			Report
Synology - File Station	Stored XSS
QNAP - VideoStation	Multiple Vulnerabilities			Report
QNAP - PhotoStation	Application Privileges Checking Bypass			Report
QNAP - License Center	Authenticated remote code execution			Report
QNAP - Music Station	Unauthenticated file read and authentication bypass			Report
QNAP - Notes Station 3	Multiple vulnerabilities leading to full system compromise			Report
QNAP - QNAP AI Core	Docker Image leaking GitHub Personal Access Token			Report