CVE-2026-40195

CVE-2026-40195 affects Incus prior to v7.0.0, causing a nil-pointer dereference in the bucket-import path during bucket restoration from a malformed index.yaml. The bug occurs in CreateBucketFromBackup when srcBackup.Config is not validated (the code accesses srcBackup.Config.Bucket and related f...

GHSA-GC7J-G665-RXR9 Incus has a Nil-Pointer Dereference Panic via Bucket Metadata

Summary Missing validation logic in the storage bucket import logic allows an authenticated user with access to Incus' storage bucket feature to cause the Incus daemon to crash. Repeated use of this issue can be used to keep Incus offline causing a denial of service. Details The storage bucket...

EUVD-2026-16006

A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege management. The attack must be carried out locally. The attack is...

VulnCheck KEV: CVE-2022-40799

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L = 2.60B15 allows an authenticated attacker to execute OS level commands on the device...

CVE-2022-40799

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L = 2.60B15 allows an authenticated attacker to execute OS level commands on the device...

PT-2024-9476 · Advantech · Advantech Eki-6333Ac-2G +1

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier Description: A vulnerability was discovered in the edgserver service of Advantech...

CVE-2022-40799

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L = 2.60B15 allows an authenticated attacker to execute OS level commands on the device...

Command injection

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L = 2.60B15 allows an authenticated attacker to execute OS level commands on the device...

CVE-2022-40799

CVE-2022-40799 affects D-Link DNR-322L firmware, where a data integrity failure in the Backup Config feature (Version

CVE-2019-15707

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...

CVE-2019-15707

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...

Improper access control

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...

CVE-2019-15707

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...

FlexAir Access Control 2.3.35 - Authentication Bypass

Exploit Title: FlexAir Access Control 2.3.35 - Authentication Bypass Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 2.3.35 Tested on: NA...