EUVD-2021-27562

Malicious code in bioql PyPI...

AOMEI Cyber Backup 访问控制错误漏洞

AOMEI Cyber Backup is a backup and restore software from China-based AOMEI Technology AOMEI. An access control error vulnerability exists in AOMEI Cyber Backup that stems from a lack of authentication for critical functions, which could lead to remote code execution...

Commvault 安全漏洞

Commvault is a data backup and recovery software from Commvault Corporation, USA. A security vulnerability exists in Commvault versions prior to 11.36.60 that stems from a known login mechanism that allows an unauthenticated attacker to execute API calls...

The vulnerability of the backup and recovery software for SyncBackTouch, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the backup and recovery software for SyncBackTouch is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0. "A vulnerability...

CVE-2021-40385

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin...

CVE-2021-40387

An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution...

MSP360 Backup 安全漏洞

MSP360 Backup is a cross-platform data backup and recovery solution from MSP360, which supports hybrid backup with local storage and cloud storage and provides enterprise-level data protection. A security vulnerability exists in MSP360 Backup version 8.0, which stems from improper file system...

Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems

Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution. The vulnerability, tracked as CVE-2025-23120 , carries a CVSS score of 9.9 out of 10.0. It affects 12.3.0.310 and all earlier version 12...

Dell NetWorker Management Console Server-Side Arbitrary Code Execution Vulnerability

Dell NetWorker Management Console is a backup and recovery software from Dell USA. A security vulnerability exists in Dell NetWorker Management Console, which arises from the mishandling of a server-side vulnerability that can be exploited by an attacker to run arbitrary code...

Dell NetWorker Management Console 安全漏洞

Dell NetWorker Management Console is a backup and recovery software from Dell USA. A security vulnerability exists in Dell NetWorker Management Console, which arises from the mishandling of a server-side vulnerability that can be exploited by an attacker to run arbitrary code...

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114 , carries a CVSS score of 9.0 out of 10.0. "A vulnerability within the Veeam...

Hasleo Backup Suite Free 安全漏洞

Hasleo Backup Suite Free EasyUEFI Backup Suite Free is a completely free Windows backup software from Hasleo. A security vulnerability exists in Hasleo Backup Suite Free v4.9.4 and earlier versions, which stems from the vulnerability to unsecured privileges through the file recovery feature...

Dell Avamar SQL Injection Vulnerability (CNVD-2025-18250)

Dell Avamar is a software solution for data backup and recovery. A SQL injection vulnerability exists in Dell Avamar. The vulnerability stems from an improper neutralization of special elements in SQL commands. An attacker could exploit this vulnerability to perform command execution...

Dell Avamar SQL注入漏洞

Dell Avamar is a data backup and recovery software. A SQL injection vulnerability exists in Dell Avamar. The vulnerability stems from a lack of proper neutralization of specific elements used in SQL commands. An attacker could exploit the vulnerability to execute commands...

Dell NetWorker Management Console Trust Management Issues Vulnerability

Dell NetWorker Management Console is a backup and recovery software from Dell USA. A trust management issue vulnerability exists in Dell NetWorker Management Console version 19.11, which stems from the presence of improper cryptographic signature validation, and can be exploited by an attacker to...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication 12.2.0.334 and prior versions 12.X. The vulnerability stems from an insufficient privilege requirement for the method in question, which could lead to...

The vulnerability of the NTLM protocol implementation in the backup and recovery software for remote and cloud-based Veeam Service Provider Console (VSPC) users allows a hacker to bypass authentication procedures and gain unauthorized access to protected information.

The vulnerability of the NTLM protocol implementation in the backup and recovery software for remote and cloud-based Veeam Service Provider Consoles is related to insufficient protection of service data. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures an...

Syncovery For Linux Web-GUI Session Token Brute-Forcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' require 'date' require 'json' require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/syncoveryfilesyncbackup'...

Using Veeam Backup Software on Provisioning Services Server

While running Veeam software to backup Provisioning Services PVS servers, one of the PVS servers display status as Down in PVS server console regardless of whether the stream service is running. The following screen shot shows the server status in PVS console. The following screen shot shows the...