CVE-2025-32991

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution...

EUVD-2025-208985

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution...

CVE-2025-32991

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution...

CVE-2025-32991

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution...

CVE-2025-32991

N2WS Backup & Recovery (before 4.4.0) is affected by a two‑step attack against its RESTful API that leads to remote code execution. The available documents describe the vulnerability at a high level without detailing exploit vectors, affected modules, or versions beyond the 4.4.0 threshold. No re...

DELL OpenManage Enterprise Information Disclosure Vulnerability

DELL OpenManage Enterprise is an enterprise-class systems management console from Dell designed to simplify IT infrastructure management and support centralized lifecycle management of PowerEdge servers, storage, network devices and third-party components. An information disclosure vulnerability...

Dell OpenManage Enterprise 日志信息泄露漏洞

DELL OpenManage Enterprise is an enterprise-class systems management console from Dell designed to simplify IT infrastructure management and support centralized lifecycle management of PowerEdge servers, storage, network devices and third-party components. An information disclosure vulnerability...

CVE-2025-48501

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running...

CVE-2025-53473

Server-side request forgery SSRF vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers...

CVE-2025-48501

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running...

JVN#88251376: Multiple vulnerabilities in Nimesa Backup and Recovery

Nimesa Backup and Recovery provided by Nimesa contains multiple vulnerabilities listed below. OS command injection CWE-78 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8 CVE-2025-48501 Server-side request...

PT-2024-6331 · Veeam · Veeam Service Provider Console

Name of the Vulnerable Software and Affected Versions: Veeam Service Provider Console VSPC affected versions not specified Description: A code injection vulnerability can allow a low-privileged user to overwrite files on the VSPC server, which can lead to remote code execution on the VSPC server...

Yokogawa CENTUM

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Yokogawa Equipment : CENTUM Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary...

CVE-2024-25228

Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution RCE via the getVerifydiyResult function in ManoeuvreHandler.class.php...

CVE-2024-25228

Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution RCE via the getVerifydiyResult function in ManoeuvreHandler.class.php...

Vinchin Backup and Recovery Security Vulnerabilities

Vinchin Backup and Recovery is an easy-to-use, safe and reliable virtual machine data protection software from China Yunqi Technology Vinchin. It is used for backup and recovery. A security vulnerability exists in Vinchin Backup and Recovery 7.2 and earlier versions, which stems from vulnerabilit...

PT-2024-2557 · Vinchin · Vinchin Backup & Recovery

Name of the Vulnerable Software and Affected Versions: Vinchin Backup and Recovery versions 7.2 and earlier Description: The issue is related to the getVerifydiyResult function, which is vulnerable to Authenticated Remote Code Execution RCE. This vulnerability can be exploited by a remote attacke...

CVE-2024-22903

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the deleteUpdateAPK function...

CVE-2024-22902

Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials...

CVE-2024-22900

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution RCE vulnerability via the setNetworkCardInfo function...