Synology BeeDrive 访问控制错误漏洞

Synology BeeDrive is a backup and synchronization appliance from China-based Synology Inc. An access control error vulnerability exists in Synology BeeDrive, which originates from a local user being able to write to arbitrary files...

EUVD-2021-29996

Malicious code in bioql PyPI...

EUVD-2021-29993

Malicious code in bioql PyPI...

EUVD-2021-29988

Malicious code in bioql PyPI...

EUVD-2021-29990

Malicious code in bioql PyPI...

EUVD-2021-29992

Malicious code in bioql PyPI...

Exploit for CVE-2025-29556

CVE-2025-29556 – ExaGrid Security Officer Account Creation Byp...

CVE-2021-43041

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP request could induce a format string vulnerability in the privileged vaultServer application...

Release Information for Veeam Backup for Nutanix AHV 6.1

This update has been superseded by Veeam Backup for Nutanix AHV 7.0, which was released alongside and supports only Veeam Backup & Replication 12.3. Requirements To upgrade to Veeam Backup for Nutanix AHV 6.1, download the installer below and run it on the Veeam Backup & Replication server that...

Kaseya Unitrends Backup Appliance has an unspecified vulnerability

Unitrends Backup UB is a suite of data protection software from Unitrends, Inc. that provides data backup, data recovery and deduplication functions.A security vulnerability exists in the Kaseya Unitrends Backup Appliance, which could be exploited by an attacker to log into the target system...

CVE-2021-43043

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...

CVE-2021-43033

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Multiple functions in the bpserverd daemon were vulnerable to arbitrary remote code execution as root. The vulnerability was caused by untrusted input received by the server being passed to system calls...

CVE-2021-43040

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged vaultServer could be leveraged to create arbitrary writable files, leading to privilege escalation...

CVE-2021-43037

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM...

CVE-2021-43036

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The password for the PostgreSQL wguest account is weak...

CVE-2021-43044

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The SNMP daemon was configured with a weak default community...

CVE-2021-43040

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged vaultServer could be leveraged to create arbitrary writable files, leading to privilege escalation...

CVE-2021-43035

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated SQL injection vulnerabilities were discovered, allowing arbitrary SQL queries to be injected and executed under the postgres superuser account. Remote code execution was possible, leading to full acces...

CVE-2021-43043

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...

CVE-2021-43042

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A buffer overflow existed in the vaultServer component. This was exploitable by a remote unauthenticated attacker...