OpenSSL, GLIBC (GHOST), NTP
Samba
http://community.wd.com/t5/WD-My-Cloud/Samba-vulnerability-CVE-2015-0240/td-p/859273
Support is informed, but this takes very long.
I disabled Cloud Access since 3 weeks, as I don’t need it right now and I don’t trust the software of the MC as it is now.
There are plenty of vulnerability scanners out there, and many misconfigured routers.
The MC is a small Linux server, and needs maintenance like every other server, too.