40 matches found
EUVD-2017-14102
Malware in sbrugna...
EUVD-2017-7002
Malware in sbrugna...
EUVD-2017-14103
Malware in sbrugna...
EUVD-2016-0914
Malware in sbrugna...
EUVD-2016-0931
Malware in sbrugna...
EUVD-2019-13387
Malware in sbrugna...
EUVD-2020-21862
Malware in sbrugna...
CVE-2013-0944
The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL...
CVE-2013-3274
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...
GLSA-202210-09 : Rust: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-09 Rust: Multiple Vulnerabilities - In the standard library in Rust before 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. CVE-2021-28875 - In t...
CVE-2021-36317
Dell EMC Avamar Server 19.4 is listed as affected by CVE-2021-36317 due to a plain-text password storage vulnerability in AvInstaller. The vulnerability could allow a local attacker to disclose user credentials and then access the vulnerable application with the compromised account’s privileges. ...
CVE-2020-5329
Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links...
Authorization
Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data...
CVE-2021-21511
Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data...
Dell EMC Avamar Server SQL Injection Vulnerability
Dell EMC Avamar Server is a suite of fully virtualized backup and recovery software for servers from Dell USA. A SQL injection vulnerability exists in Dell EMC Avamar Server 19.1, 19.2, 19.3, which could be exploited by an unauthenticated, remote attacker to cause certain SQL commands to be...
CVE-2020-29494
Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM. A remote user could potentially exploit this vulnerability, to gain unauthorized write access to the arbitrary files stored on the server filesystem, causing deletion of arbitrary files...
CVE-2020-29495
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high...
CVE-2020-29495
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high...
CVE-2020-29493
Affected product/versions: Dell EMC Avamar Server (versions 19.1, 19.2, 19.3). Vulnerability type & trend: SQL Injection in Fitness Analyzer allowing a remote unauthenticated attacker to execute SQL commands on the backend database. Impact (as stated): unauthorized read and write access to applic...
CVE-2017-4990
In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the attacker to execute arbitrary code on the Avam...