Filtered by vendor Veritas
Subscriptions
Total
125 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36159 | 1 Veritas | 1 Desktop And Laptop Option | 2024-11-21 | 5.3 Medium |
| Veritas Desktop and Laptop Option (DLO) before 9.5 disclosed operational information on the backup processing status through a URL that did not require authentication. | ||||
| CVE-2020-27157 | 1 Veritas | 1 Aptare | 2024-11-21 | 8.1 High |
| Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. An unauthenticated user could login to the application and gain access to the data and functionality accessible to the targeted user account. | ||||
| CVE-2020-27156 | 1 Veritas | 1 Aptare | 2024-11-21 | 9.8 Critical |
| Veritas APTARE versions prior to 10.5 did not perform adequate authorization checks. This vulnerability could allow for remote code execution by an unauthenticated user. | ||||
| CVE-2020-12877 | 1 Veritas | 1 Aptare | 2024-11-21 | 7.5 High |
| Veritas APTARE versions prior to 10.4 allowed sensitive information to be accessible without authentication. | ||||
| CVE-2020-12876 | 2 Microsoft, Veritas | 2 Windows, Aptare | 2024-11-21 | 7.5 High |
| Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments. | ||||
| CVE-2020-12875 | 1 Veritas | 1 Aptare | 2024-11-21 | 6.3 Medium |
| Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application. | ||||
| CVE-2020-12874 | 1 Veritas | 1 Aptare | 2024-11-21 | 9.8 Critical |
| Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server. | ||||
| CVE-2019-9868 | 1 Veritas | 1 Netbackup Appliance | 2024-11-21 | N/A |
| An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator. | ||||
| CVE-2019-9867 | 1 Veritas | 1 Netbackup Appliance | 2024-11-21 | N/A |
| An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator. | ||||
| CVE-2019-18780 | 3 Linux, Microsoft, Veritas | 8 Linux Kernel, Windows, Access and 5 more | 2024-11-21 | 9.8 Critical |
| An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and earlier, Access Appliance 7.4.2 and earlier, Flex Appliance 1.2 and earlier, InfoScale 7.3.1 and earlier, InfoScale between 7.4.0 and 7.4.1, Veritas Cluster Server (VCS) 6.2.1 and earlier on Linux/UNIX, Veritas Cluster Server (VCS) 6.1 and earlier on Windows, Storage Foundation HA (SFHA) 6.2.1 and earlier on Linux/UNIX, and Storage Foundation HA (SFHA) 6.1 and earlier on Windows. | ||||
| CVE-2019-14418 | 1 Veritas | 1 Resiliency Platform | 2024-11-21 | 8.8 High |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existing files to take control of the VRP virtual machine. | ||||
| CVE-2019-14417 | 1 Veritas | 1 Resiliency Platform | 2024-11-21 | N/A |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to DNS functionality. | ||||
| CVE-2019-14416 | 1 Veritas | 1 Resiliency Platform | 2024-11-21 | 7.2 High |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency plans and custom script functionality. | ||||
| CVE-2019-14415 | 1 Veritas | 1 Resiliency Platform | 2024-11-21 | 4.8 Medium |
| An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another user's browser, related to resiliency plans functionality. A victim must open a resiliency plan that an attacker has access to. | ||||
| CVE-2018-18652 | 1 Veritas | 1 Netbackup Appliance | 2024-11-21 | N/A |
| A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input. | ||||
| CVE-2017-8895 | 1 Veritas | 1 Backup Exec | 2024-11-21 | N/A |
| In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on. | ||||
| CVE-2017-8859 | 1 Veritas | 1 Netbackup Appliance | 2024-11-21 | N/A |
| In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. | ||||
| CVE-2017-8858 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2024-11-21 | N/A |
| In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | ||||
| CVE-2017-8857 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2024-11-21 | N/A |
| In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. | ||||
| CVE-2017-8856 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2024-11-21 | N/A |
| In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. | ||||