ReportizFlow
Filtered by vendor Veritas
Subscriptions
Total
136 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27283 | 1 Veritas | 1 Ediscovery Platform | 2025-05-06 | 7.2 High |
| A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed. | ||||
| CVE-2024-52945 | 1 Veritas | 1 Netbackup | 2025-04-30 | 7.8 High |
| An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL could be loaded, resulting in execution of the attacker's code in the user's security context. | ||||
| CVE-2024-52944 | 1 Veritas | 1 Enterprise Vault | 2025-04-30 | 5.4 Medium |
| An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user. | ||||
| CVE-2024-52943 | 1 Veritas | 1 Enterprise Vault | 2025-04-30 | 5.4 Medium |
| An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user. | ||||
| CVE-2024-52942 | 1 Veritas | 1 Enterprise Vault | 2025-04-30 | 5.4 Medium |
| An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24696. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user. | ||||
| CVE-2022-45461 | 3 Linux, Opengroup, Veritas | 3 Linux Kernel, Unix, Netbackup | 2025-04-29 | 7.5 High |
| The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users (that have been explicitly added to the auth.conf file) to execute arbitrary commands as root. | ||||
| CVE-2022-46411 | 1 Veritas | 2 Access Appliance, Netbackup Flex Scale Appliance | 2025-04-24 | 8.8 High |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges. | ||||
| CVE-2022-46410 | 1 Veritas | 1 Netbackup Flex Scale Appliance | 2025-04-24 | 8.8 High |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands. | ||||
| CVE-2022-46412 | 1 Veritas | 1 Netbackup Flex Scale Appliance | 2025-04-24 | 8.8 High |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escape a restricted shell and execute privileged commands. | ||||
| CVE-2022-46413 | 1 Veritas | 2 Access Appliance, Netbackup Flex Scale Appliance | 2025-04-24 | 8.8 High |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal. | ||||
| CVE-2022-46414 | 1 Veritas | 2 Access Appliance, Netbackup Flex Scale Appliance | 2025-04-24 | 9.8 Critical |
| An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal. | ||||
| CVE-2017-6408 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2025-04-20 | N/A |
| An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured. | ||||
| CVE-2017-8895 | 1 Veritas | 1 Backup Exec | 2025-04-20 | N/A |
| In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on. | ||||
| CVE-2017-8856 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2025-04-20 | N/A |
| In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. | ||||
| CVE-2017-8859 | 1 Veritas | 1 Netbackup Appliance | 2025-04-20 | N/A |
| In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | ||||
| CVE-2017-6401 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2025-04-20 | N/A |
| An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat. | ||||
| CVE-2017-7444 | 1 Veritas | 1 System Recovery | 2025-04-20 | N/A |
| In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed. | ||||
| CVE-2017-8858 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2025-04-20 | N/A |
| In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | ||||
| CVE-2017-6406 | 1 Veritas | 3 Access, Netbackup, Netbackup Appliance | 2025-04-20 | N/A |
| An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution, using whitelist directory escape with "../" substrings, can occur. | ||||
| CVE-2017-8857 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2025-04-20 | N/A |
| In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | ||||