| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-36329 | Denial of Service over OTA mechanism in Western Digital My Cloud Home and ibi devices | Western Digital | My Cloud Home and My Cloud Home Duo | Medium | 4.4 | 2023-05-10 19:23:30 | Deep Dive |
| CVE-2022-36330 | Buffer Overflow Vulnerability in Western Digital My Cloud Home and ibi devices | Western Digital | My Cloud Home and My Cloud Home Duo | Low | 1.9 | 2023-05-09 23:16:04 | Deep Dive |
| CVE-2023-22813 | Device API endpoint missing access controls on Western Digital Mobile and Web Apps | Western Digital | My Cloud OS 5 Mobile App | Low | 3.3 | 2023-05-08 22:56:49 | Deep Dive |
| CVE-2022-29844 | Western Digital My Cloud OS 5 arbitrary file read and write vulnerability via ftp | Western Digital | My Cloud | Medium | 6.7 | 2023-01-25 00:00:00 | Deep Dive |
| CVE-2022-29843 | Western Digital My Cloud OS 5 devices Command Injection Vulnerability | Western Digital | My Cloud | Medium | 6.2 | 2023-01-25 00:00:00 | Deep Dive |
| CVE-2022-29838 | Authentication issue with the encrypted volumes and auto mount feature in My Cloud devices | Western Digital | My Cloud | Medium | 4.3 | 2022-12-09 00:00:00 | Deep Dive |
| CVE-2022-29839 | Remote Backups Application Discloses Stored Credentials | Western Digital | My Cloud | Medium | 4.1 | 2022-12-09 00:00:00 | Deep Dive |
| CVE-2022-29837 | Path traversal Vulnerability in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi Devices | Western Digital | My Cloud Home | Medium | 4.7 | 2022-12-01 00:00:00 | Deep Dive |
| CVE-2022-29836 | Post-Auth Path Traversal Vulnerability Allows to Custom Package Installation via HTTP API | Western Digital | My Cloud Home | Low | 1.9 | 2022-11-09 00:00:00 | Deep Dive |
| CVE-2022-23006 | Buffer Overflow Vulnerability in Western Digital My Cloud Home Products and SanDisk ibi | Western Digital | My Cloud Home | Low | 1.8 | 2022-09-27 13:53:29 | Deep Dive |
| CVE-2022-29835 | WD Discovery's Use of Weak Hashing Algorithm for Code Signing | Western Digital | WD Discovery | Medium | 5.3 | 2022-09-19 19:43:53 | Deep Dive |
| CVE-2022-23004 | Algorithm incorrectly returning error and Invalid unreduced value written to output buffer | Western Digital | Sweet B Library | Medium | 5.3 | 2022-07-29 18:55:55 | Deep Dive |
| CVE-2022-23003 | Shared secret or Point multiplication of NIST P-256 points with X coordinate of zero | Western Digital | Sweet B Library | Medium | 5.3 | 2022-07-29 18:54:29 | Deep Dive |
| CVE-2022-23002 | Point Compression/Decompression of NIST P-256 points with X coordinate of zero | Western Digital | Sweet B Library | Medium | 5.3 | 2022-07-29 18:52:44 | Deep Dive |
| CVE-2022-23001 | Sweet-B Library: Point compress/decompress using the wrong bit for sign | Western Digital | Sweet B Library | Medium | 5.3 | 2022-07-29 18:51:26 | Deep Dive |
| CVE-2022-22999 | Cross-site Scripting Vulnerability in USB Backups App | Western Digital | My Cloud | High | 8.2 | 2022-07-25 18:47:36 | Deep Dive |
| CVE-2022-23000 | Weak Default SSL use in Port Forwarding Service | Western Digital | My Cloud | High | 7.3 | 2022-07-25 18:46:02 | Deep Dive |
| CVE-2022-22997 | Command Injection Vulnerability on My Cloud Home | Western Digital | My Cloud Home | Medium | 6.8 | 2022-07-12 20:22:36 | Deep Dive |
| CVE-2022-22998 | Protecting AWS credentials stored in plaintext on My Cloud Home | Western Digital | My Cloud Home | High | 8.0 | 2022-07-12 20:19:34 | Deep Dive |
| CVE-2022-22995 | Western Digital My Cloud OS 5 and My Cloud Home Unauthenticated Arbitrary File Write Vulnerability in Netatalk | Western Digital | My Cloud | Critical | 10.0 | 2022-03-25 00:00:00 | Deep Dive |