PT-2024-31482 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials...

Vulnerabilities Resolved in Veeam Backup & Replication 12.3

All vulnerabilities documented in this article were resolved in Veeam Backup & Replication 12.3. Veeam Product Latest Version Download Page Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operat...

How to Disable Boot Prompt in Veeam Agent for Windows Recovery Media

Version Requirement Requires Veeam Agent for Microsoft Windows version 6.3, which is included with Veeam Backup & Replication 12.3. Purpose This article documents how to disable the 'Press any key to boot from CD or DVD... " prompt that appears when booting from the Veeam Agent for Microsoft...

Release Information for Veeam Backup & Replication 12.3

Requirements You can check the installed build number in the Veeam Backup & Replication Console's Main Menu ≡ under Help About. Release Information 12.3.2.4854 2026-06-08 Security Vulnerabilities CVE-2026-44963 | Severity: Critical 9.4 A vulnerability allowing remote code execution RCE on the...

PT-2024-28995 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication affected versions not specified Description: A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution RCE by updating existing jobs. These jobs c...

Veeam Backup and Replication 10.x < 12.2.0.334 Authentication Bypass (November 2024) (KB4682)

The version of Veeam Backup and Replication installed on the remote Windows host is prior to 12.2.0.334. It is, therefore, affected by an authentication bypass vulnerability. Attackers must be able to perform Man-in-the-Middle MITM attack to exploit this vulnerability. Note that Nessus has not...

SUSE-SU-2024:4063-1 Security update for postgresql, postgresql16, postgresql17

This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...

SUSE-SU-2024:4052-1 Security update for postgresql, postgresql16, postgresql17

This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...

Unable to Interact with Some Hypervisors and Cloud Platforms

Veeam Backup & Replication 13.0.1 Upgrade Warning During the upgrade to Veeam Backup & Replication 13.0.1 or higher, the following warning may be displayed: Incompatible backup server certificate The certificate does not support child certificates creation and must be replaced for virtualization...

K000148488: MySQL vulnerabilities CVE-2024-21243 and CVE-2024-21237

Security Advisory Description CVE-2024-21243 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Telemetry. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access...

CVE-2024-40715

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle MITM attack to exploit this vulnerability...

CVE-2024-40715

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle MITM attack to exploit this vulnerability...

CVE-2024-40715

CVE-2024-40715 affects Veeam Backup Enterprise Manager (VBEM) and enables authentication bypass when an attacker can perform a Man-in-the-Middle (MITM) attack. Public writeups in connected documents confirm the vulnerability is tied to VBEM and that exploitation requires MITM conditions. The reme...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication that originates from an attacker being able to bypass authentication if they are able to perform a man-in-the-middle attack...

Red Hat Keycloak 安全漏洞

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A security vulnerability exists in Red Hat Keycloak that stems from the environment option not working and the JGroups replication configuratio...

Release Information for Proxmox Virtual Environment Plug-In v12.1.1.1024

Requirements This update to the Proxmox Virtual Environment Plug-In for Veeam Backup & Replication requires: Veeam Backup & Replication build 12.2.0.334 You can check the build number in the Veeam Backup & Replication Console's Main Menu ≡ under Help About. Proxmox Virtual Environment Plug-In for...

PT-2025-11655 · Synology · Synology Application Service +1

Name of the Vulnerable Software and Affected Versions: Synology Replication Service versions prior to 1.0.12-0066, 1.2.2-0353, and 1.3.0-0423 Synology Unified Controller DSMUC versions prior to 3.1.4-23079 Description: The vulnerability is an off-by-one error in the transmission component of...

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3843-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : 389-ds (SUSE-SU-2024:3843-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3843-1 advisory. - Persist extracted key path for ldapsslclientinit over repeat invocations bsc1230852 - Re-enable use of .dsrc basedn...

CVE-2024-43383 Apache Lucene.Net.Replicator: Remote Code Execution in Lucene.Net.Replicator

Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator. This issue affects Apache Lucene.NET's Replicator library: from 4.8.0-beta00005 through 4.8.0-beta00016. An attacker that can intercept traffic between a replication client and server, or control the target replicati...