25 matches found
CVE-2023-40711
Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service out-of-memory abort via crafted packet data, as exploited in the wild in August 2023...
CVE-2025-40711
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the idconcesion parameter in /FacturaE/VerFacturaPDF...
CVE-2025-40711 SQL injection vulnerability in Quiter Gateway
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the idconcesion parameter in /FacturaE/VerFacturaPDF...
CVE-2024-40711
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE)...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40711 Veeam Backup and Replication Deserialization Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber...
Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware
Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to...
Veeam B&R RCE vulnerability CVE-2024-40711 is exploited in attacks
Veeam B&R RCE vulnerability CVE-2024-40711 is exploited in attacks. On September 24, there were no signs of this vulnerability being exploited in the wild. And on October 10, Sophos X-Ops reported that they had observed a series of attacks exploiting this vulnerability over the course of a month...
Fixed vulnerabilities in several Veeam products.
Veeam has fixed vulnerabilities in several products, including Backup & Replication, ONE, Service Provider Console and Agent. UPDATE: POC code is now available online and CVE-2024-40711 has recently been actively abused to roll out ransomware. A malicious party can exploit the vulnerabilities to...
Exploit for Deserialization of Untrusted Data in Veeam Veeam_Backup_&_Replication
CVE-2024-40711 Exploit for Veeam backup and Replication Pre-A...
Multiple Vulnerabilities in Veeam Backup & Replication
On Wednesday, September 4, 2024, backup and recovery software provider Veeam released their September security bulletin disclosing various vulnerabilities in Veeam products. One of the higher-severity vulnerabilities included in the bulletin is CVE-2024-40711, a critical unauthenticated remote co...
CVE-2024-40711
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). Recent assessments: ccondon-r7 at November 22, 2024 4:42pm UTC reported: Critical unauthenticated remote code execution vulnerability in Veeam Backup & Replication, a...
Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues
Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution. The list of shortcomings is below - CVE-2024-40711 CVSS score: 9.8 - A vulnerability in Veeam Backup &...
CVE-2024-40711
| creationtimestamp | type | source |
|---|---|---|
| 2024-09-05 07:08:09+00:00 | seen | https://t.me/CyberBulletin/552 |
| 2024-09-05 17:15:55+00:00 | seen | Telegram/JV0n6pLsOT6VJZsgrEwvOevCq5yhBWTCVGtt7W2JJuNFjI |
| 2024-09-05 17:18:44+00:00 | seen | https://t.me/CyberSecurityIL/55923 |
| 2024-09-05 18:58:23+00:00 | seen | ... |
VulnCheck KEV: CVE-2024-40711
Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution...
CVE-2023-40711
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-20 07:39:42+00:00 | exploited | https://t.me/cibsecurity/68861... |
CVE-2023-40711
The CVE-2023-40711 issue affects Veilid prior to 0.1.9, where the uncompressed data size is not validated during decompression of an envelope receipt. This can cause a denial of service (out-of-memory abort) via crafted packet data; exploitation has been observed in the wild (Aug 2023). Affected ...