31 matches found
EUVD-2018-12592
Malware in sbrugna...
EUVD-2018-12591
Malware in sbrugna...
EUVD-2017-8119
Malware in sbrugna...
EUVD-2023-51256
Malicious code in bioql PyPI...
CVE-2023-47102
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...
CVE-2018-20013
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadataid!=0 assertion, leading to shutting down the client application...
CVE-2018-20014
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereference, leading to shutting down the client application...
CVE-2023-47102
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...
CVE-2023-47102
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...
Code injection
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...
CVE-2023-47102
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...
UrBackup Security Vulnerability
UrBackup is an open source backup and recovery system for multiple platforms. A security vulnerability exists in UrBackup Server version 2.5.31, which stems from a failure message that confirms an invalid username and can be exploited by an attacker to brute force enumerate user accounts...
CVE-2023-47102
CVE-2023-47102 affects UrBackup Server 2.5.31. The issue stems from verbose authentication error messages that reveal whether a username exists, enabling brute-force enumeration of user accounts. Documented impact is limited to information disclosure that facilitates username guessing; no exploit...
CVE-2023-47102
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...
PT-2023-30310 · Unknown · Urbackup Server
Name of the Vulnerable Software and Affected Versions: UrBackup Server version 2.5.31 Description: The issue allows for brute-force enumeration of user accounts. This is possible because a failure message confirms when a username is not valid. Recommendations: For UrBackup Server version 2.5.31,...
CVE-2018-20013
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadataid!=0 assertion, leading to shutting down the client application...
CVE-2018-20013
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadataid!=0 assertion, leading to shutting down the client application...
Design/Logic Flaw
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadataid!=0 assertion, leading to shutting down the client application...
CVE-2018-20013
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadataid!=0 assertion, leading to shutting down the client application...
CVE-2018-20013
The CVE-2018-20013 issue affects UrBackup 2.2.6. A malformed network request can trigger an assertion in fileservplugin/CClientThread.cpp: CClientThread::ProcessPacket metadata_id!=0, causing the client application to shut down. The reports indicate a network-exposed vulnerability that can termin...