13 matches found
EUVD-2025-10303
Malicious code in bioql PyPI...
CVE-2025-32406
An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1 before 11.0.2 allows remote attackers fetch and parse the XML response...
CVE-2024-48248
NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...
CVE-2024-48248
NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...
Nakivo Backup & Replication 安全漏洞
Nakivo Backup & Replication is a reliable, fast and affordable virtual machine backup solution from Nakivo, U.S.A. NAKIVO Backup & Replication provides reliable, fast and affordable virtual machine data protection for VMware environments. Specifically designed for virtualization, the product...
CVE-2024-48248
NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...
CVE-2024-48248
CVE-2024-48248 affects NAKIVO Backup & Replication prior to 11.0.0.88174. The vulnerability is an absolute path traversal via getImageByPath to /c/router, leading to unauthenticated arbitrary file read with potential remote code execution across the enterprise when cleartext credentials are expos...
NAKIVO Backup & Replication < 11.0.0.88174 Arbitrary File Read
NAKIVO Backup & Replication versions prior to 11.0.0.88174 are vulnerable are affected by a vulnerability allowing an unauthenticated attacker to read arbitrary files on the system via a specially crafted request. No source data...
CVE-2020-15851
Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories...
CVE-2020-15850
Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the password-recovery secret value is...
CVE-2020-15851
Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories...
CVE-2020-15850
Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the password-recovery secret value is...
CVE-2020-15850
Nakivo Backup & Replication Director 9.4.0.r43656 on Linux exposes insecure permissions: the web app user database and password-recovery secret are readable, enabling local users to access the Nakivo Director web interface and gain root privileges. No remediation details are provided in the suppl...