138 matches found
The vulnerability of the EMC Avamar Client Manager component of the Dell EMC Avamar Server backup system allows a attacker to compromise the confidentiality and integrity of the protected information.
The vulnerability of the EMC Avamar Client Manager component of the Dell EMC Avamar Server backup system is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information through a special...
Email Provider VFEmail Suffers ‘Catastrophic’ Hack
Email provider VFEmail has suffered what the company is calling "catastrophic destruction" at the hands of an as-yet unknown intruder who trashed all of the company's primary and backup data in the United States. The firm's founder says he now fears some 18 years' worth of customer email may be...
CISO series: Strengthen your organizational immune system with cybersecurity hygiene
One of the things I love about my job is the time I get to spend with security professionals, learning firsthand about the challenges of managing security strategy and implementation day to day. There are certain themes that come up over and over in these conversations. My colleague Ken Malcolmso...
Security Bulletin: IBM Tivoli Storage Manager ASNODENAME Vulnerability (CVE-2015-7408)
Summary Unauthorized Tivoli Storage Manager client sessions using the ASNODENAME option may run as authorized sessions allowing the user to generate or retrieve backup data for which they are not authorized. Vulnerability Details CVEID: CVE-2015-7408 DESCRIPTION: Tivoli Storage Manager clients ca...
Design/Logic Flaw
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...
CVE-2017-15519
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...
CVE-2017-15519
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...
CVE-2017-15519
NetApp SnapCenter Server (versions 2.0–3.0.1) is affected by a vulnerability via the NAS File Services plug-in that allows unauthenticated remote attackers to view and modify backup-related data. The root cause is exposure through the Plug-in for NAS File Services, enabling data exposure and back...
The vulnerability of the rl2_read_header function in the multimedia library Ffmpeg (libavformat/rl2.c) allows a attacker to trigger memory consumption and service failure.
The vulnerability of the rl2readheader function in the FFmpeg multimedia library, within the rl2.c component libavformat/rl2.c, is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to induce memory consumption and service failures by using a speciall...
Russian Hacker Selling Cheap Ransomware-as-a-Service On Dark Web
Ransomware has been around for a few years, but it has become an albatross around everyone's neck, targeting businesses, hospitals, financial institutions and individuals worldwide and extorting millions of dollars. Forget about developing sophisticated banking trojans and malware to steal money...
CVE-2016-9418
MyBB aka MyBulletinBoard before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name...
EMC Avamar Data Store and Avamar Virtual Edition Backup Data Read Vulnerability
EMC Avamar is a backup and recovery solution. EMC Avamar Server's ADS and AVE rely on client-side authentication, allowing remote attackers to read backup information using a vulnerable modified client agent...
Authentication flaw
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent...
CVE-2016-0903
EMC Avamar Server (ADS/AVE) before 7.3.0-233 uses client-side authentication, allowing remote attackers to spoof clients and read backup data via a modified agent. Affected: Avamar Data Store and Avamar Virtual Edition. Impact: read-backup data. Remediation: upgrade to 7.3.0-233 or later as docum...
CVE-2016-0903
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent...
CVE-2016-3759
The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...
Information disclosure
The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...
UBUNTU-CVE-2016-3759
The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...
CVE-2016-3759
The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...
CVE-2016-3759
The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...