Filtered by vendor Acronis
Subscriptions
Total
138 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-49390 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 7.3 High |
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
CVE-2024-49389 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 7.8 High |
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
CVE-2024-49386 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 5.7 Medium |
Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
CVE-2024-49391 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 7.3 High |
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
CVE-2024-49392 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 4.8 Medium |
Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
CVE-2024-49387 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-10-16 | 7.5 High |
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | ||||
CVE-2024-49388 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-10-16 | 9.1 Critical |
Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | ||||
CVE-2024-49382 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-10-16 | 4.3 Medium |
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | ||||
CVE-2024-49383 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-10-16 | 4.3 Medium |
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | ||||
CVE-2024-49384 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-10-16 | 4.3 Medium |
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | ||||
CVE-2024-34010 | 1 Acronis | 1 Cyber Protect Cloud Agent | 2024-10-15 | N/A |
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690. | ||||
CVE-2022-45451 | 1 Acronis | 3 Agent, Cyber Protect, Cyber Protect Home Office | 2024-10-01 | 7.8 High |
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984. | ||||
CVE-2022-46868 | 2 Acronis, Microsoft | 2 Cyber Protect Home Office, Windows | 2024-10-01 | 7.8 High |
Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173. | ||||
CVE-2023-41743 | 2 Acronis, Microsoft | 4 Agent, Cyber Protect, Cyber Protect Home Office and 1 more | 2024-10-01 | 7.8 High |
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979. | ||||
CVE-2023-41744 | 2 Acronis, Apple | 3 Agent, Cyber Protect, Macos | 2024-10-01 | 7.8 High |
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (macOS) before build 30600, Acronis Cyber Protect 15 (macOS) before build 35979. | ||||
CVE-2023-41746 | 2 Acronis, Microsoft | 2 Cloud Manager, Windows | 2024-10-01 | 9.8 Critical |
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. | ||||
CVE-2023-41748 | 2 Acronis, Microsoft | 2 Cloud Manager, Windows | 2024-10-01 | 9.8 Critical |
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. | ||||
CVE-2022-46869 | 2 Acronis, Microsoft | 2 Cyber Protect Home Office, Windows | 2024-10-01 | 7.8 High |
Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278. | ||||
CVE-2023-41751 | 2 Acronis, Microsoft | 2 Agent, Windows | 2024-10-01 | 5.5 Medium |
Sensitive information disclosure due to improper token expiration validation. The following products are affected: Acronis Agent (Windows) before build 32047. | ||||
CVE-2023-41742 | 4 Acronis, Apple, Linux and 1 more | 5 Agent, Cyber Protect, Macos and 2 more | 2024-09-27 | 7.5 High |
Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. |