EUVD-2025-20191

Malicious code in bioql PyPI...

EUVD-2025-20190

Malicious code in bioql PyPI...

CVE-2025-48501

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running...

Multiple vulnerabilities in Nimesa Backup and Recovery

Overview Nimesa Backup and Recovery provided by Nimesa contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2025-48501 Server-side request forgery CWE-918 - CVE-2025-53473 Kentaro Kawane of GMO Cybersecurity by Ierae reported this vulnerability to IPA. JPCERT/CC...

CVE-2025-53473

Server-side request forgery SSRF vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers...

CVE-2025-48501

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running...

CVE-2025-53473

Server-side request forgery SSRF vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers...

CVE-2025-53473

Server-side request forgery SSRF vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers...

CVE-2025-53473

CVE-2025-53473 is a server-side request forgery (SSRF) vulnerability reported in Nimesa Backup and Recovery. Public sources identify multiple affected branches and versions, including: - prior to v3.0.2025062305, - v2.3, and - v2.4, with the risk of unintended requests being sent to internal serv...

CVE-2025-48501

CVE-2025-48501 is an OS command injection in Nimesa Backup and Recovery, affecting v2.3 and v2.4. The issue allows arbitrary OS commands to be executed on the server without user interaction over the network (high impact). Mitigation is to update the software to a fixed version per the vendor; mu...

CVE-2025-48501

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running...

CVE-2025-48501

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running...

PT-2025-28128 · Nimesa · Nimesa Backup/Recovery

Name of the Vulnerable Software and Affected Versions: Nimesa Backup and Recovery versions 2.3 through 2.4 Description: An OS command injection issue exists, allowing arbitrary OS commands to be executed on the server where the product is running if exploited. Recommendations: For versions 2.3 an...

PT-2025-28129 · Unknown · Nimesa Backup/Recovery

Name of the Vulnerable Software and Affected Versions: Nimesa Backup and Recovery affected versions not specified Description: A server-side request forgery SSRF issue exists, which may allow unintended requests to be sent to internal servers if exploited. Recommendations: At the moment, there is...

Nimesa Backup and Recovery 操作系统命令注入漏洞

Nimesa Backup and Recovery is a data backup and recovery software from Nimesa India. An operating system command injection vulnerability exists in Nimesa Backup and Recovery version v2.3 and v2.4, which stems from the presence of an OS command injection vulnerability that could lead to the...

JVN#88251376: Multiple vulnerabilities in Nimesa Backup and Recovery

Nimesa Backup and Recovery provided by Nimesa contains multiple vulnerabilities listed below. OS command injection CWE-78 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8 CVE-2025-48501 Server-side request...