Export limit exceeded: 357030 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (147 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-47854 | 1 Veritas | 1 Data Insight | 2025-10-17 | 6.1 Medium |
| An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user. | ||||
| CVE-2024-33671 | 1 Veritas | 1 Backup Exec | 2025-06-30 | 7.7 High |
| An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files. | ||||
| CVE-2024-33673 | 1 Veritas | 1 Backup Exec | 2025-06-30 | 7.8 High |
| An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path. | ||||
| CVE-2024-33672 | 1 Veritas | 1 Netbackup | 2025-06-10 | 7.7 High |
| An issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary file deletion on protected files. | ||||
| CVE-2022-41320 | 1 Veritas | 1 System Recovery | 2025-05-27 | 6.5 Medium |
| Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. This vulnerability could provide a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access. | ||||
| CVE-2022-41319 | 1 Veritas | 1 Desktop And Laptop Option | 2025-05-27 | 6.1 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop Laptop Option (DLO) application login page (aka the DLOServer/restore/login.jsp URI). This affects versions before 9.8 (e.g., 9.1 through 9.7). | ||||
| CVE-2024-27283 | 1 Veritas | 1 Ediscovery Platform | 2025-05-06 | 7.2 High |
| A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed. | ||||
| CVE-2024-52945 | 1 Veritas | 1 Netbackup | 2025-04-30 | 7.8 High |
| An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL could be loaded, resulting in execution of the attacker's code in the user's security context. | ||||
| CVE-2024-52944 | 1 Veritas | 1 Enterprise Vault | 2025-04-30 | 5.4 Medium |
| An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user. | ||||
| CVE-2024-52943 | 1 Veritas | 1 Enterprise Vault | 2025-04-30 | 5.4 Medium |
| An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user. | ||||
| CVE-2024-52942 | 1 Veritas | 1 Enterprise Vault | 2025-04-30 | 5.4 Medium |
| An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24696. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user. | ||||
| CVE-2022-45461 | 3 Linux, Opengroup, Veritas | 3 Linux Kernel, Unix, Netbackup | 2025-04-29 | 7.5 High |
| The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) to execute arbitrary commands as root. | ||||
| CVE-2022-46411 | 1 Veritas | 2 Access Appliance, Netbackup Flex Scale Appliance | 2025-04-24 | 8.8 High |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges. | ||||
| CVE-2022-46410 | 1 Veritas | 1 Netbackup Flex Scale Appliance | 2025-04-24 | 8.8 High |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands. | ||||
| CVE-2022-46412 | 1 Veritas | 1 Netbackup Flex Scale Appliance | 2025-04-24 | 8.8 High |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escape a restricted shell and execute privileged commands. | ||||
| CVE-2022-46413 | 1 Veritas | 2 Access Appliance, Netbackup Flex Scale Appliance | 2025-04-24 | 8.8 High |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal. | ||||
| CVE-2022-46414 | 1 Veritas | 2 Access Appliance, Netbackup Flex Scale Appliance | 2025-04-24 | 9.8 Critical |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal. | ||||
| CVE-2017-8895 | 1 Veritas | 1 Backup Exec | 2025-04-20 | N/A |
| In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on. | ||||
| CVE-2017-8858 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2025-04-20 | N/A |
| In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | ||||
| CVE-2017-8859 | 1 Veritas | 1 Netbackup Appliance | 2025-04-20 | N/A |
| In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | ||||