Category: Vulnerabilities

A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user. More information : https://www.veeam.com/kb4830

A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers. More information : https://www.veeam.com/kb4830

A security vulnerability has been detected in Tenda i12 1.0.0.6(2204). The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack...

A vulnerability was detected in projectsend up to r1945. This affects the function realpath of the file /import-orphans.php of the component Delete Handler. Performing a manipulation of the argument files[] results in path traversal....

A weakness has been identified in Tenda i12 1.0.0.6(2204). The affected element is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. This manipulation of the argument index causes stack-based buffer overflow. The attack may be...

A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be...

An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup...

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. More information : https://www.veeam.com/kb4830

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. More information : https://www.veeam.com/kb4830

A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository. More information : https://www.veeam.com/kb4830

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. More information : https://www.veeam.com/kb4831

A vulnerability allowing a low-privileged user to extract saved SSH credentials. More information : https://www.veeam.com/kb4831

A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. More information : https://www.veeam.com/kb4831

A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This vulnerability allows a remote...