Dell PowerProtect Data Domain（Dell PowerProtect DD） 安全漏洞

The Dell PowerProtect Data Domain is a data protection storage appliance that is primarily used for enterprise-class backup, archiving, and disaster recovery. An OS command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure to properly neutrali...

EUVD-2017-16311

Malware in sbrugna...

EUVD-2017-16313

Malware in sbrugna...

EUVD-2014-3158

Malware in sbrugna...

EUVD-2017-16309

Malware in sbrugna...

EUVD-2017-16310

Malware in sbrugna...

CVE-2014-3139

recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string...

Acronis Cyber Protect/Backup remote code execution

Acronis Cyber Protect or Backup is an enterprise backup/recovery solution for all, compute, storage and application resources. Businesses and Service Providers are using it to protect and backup all IT assets in their IT environment. The Acronis Cyber Protect appliance, in its default...

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several MySQL products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle has fixed the...

Vulnerabilities fixed in Oracle MySQL

Vulnerabilities have been fixed in Oracle MySQL. The vulnerabilities allow a malicious party to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Access to sensitive data Oracle has fixed vulnerabilities i...

IBM Patches Critical, High-Severity Flaws in Spectrum Protect

IBM has disclosed critical and high-severity vulnerabilities in Spectrum Protect, Big Blue’s security tool under the umbrella of its Spectrum data storage software branding. The most severe of these flaws could cause a remote attacker to execute arbitrary code on impacted systems. Overall, IBM...

Unitrends Enterprise Backup bpserverd Privilege Escalation

It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system. This is very similar to...

Unitrends Enterprise Backup bpserverd Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends Enterprise Backup bpserverd Privilege Escalation', 'Description' = %q It was discovered that the Unitrends bpserverd proprietary...

CVE-2018-2468

Under certain conditions the backup server in SAP Adaptive Server Enterprise ASE, versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted...

The vulnerability of the web server of the Unitrends Enterprise Backup software allows a hacker to obtain root privileges.

The vulnerability of the web server of the Unitrends Enterprise Backup software lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to obtain root privileges by modifying the cookie file issued upon system login...

Unitrends Enterprise Backup 7.3.0 Multiple Vulnerabilities

Multiple vulnerabilities in Unitrends Enterprise Backup version 7.3.0. Authentication bypass and remote code execution RCE. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Unitrends Enterprise Backup api/includes/users.php page password change vulnerability

Unitrends Enterprise Backup is backup software that incorporates cloud continuity services to ensure the recovery of your virtual, physical and cloud data, systems and applications. A password change vulnerability exists in the api/includes/users.php page of Unitrends Enterprise Backup, which can...

Unitrends Enterprise Backup 'token' cookie modification lifting vulnerability

Unitrends Enterprise Backup is a suite of enterprise-class data protection software from Unitrends, Inc. in the United States. The software provides data backup, data recovery and deduplication features. A security vulnerability exists in versions of Unitrends Enterprise Backup prior to 9.0.0. Th...

Unitrends Enterprise Backup api/includes/systems.php Remote Code Execution Vulnerability

Unitrends Enterprise Backup is a suite of enterprise-grade data protection software from the US-based Unitrends. The software provides data backup, data recovery and deduplication features. A security vulnerability exists in the api/includes/systems.php file in versions of Unitrends Enterprise...

Design/Logic Flaw

An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS commands by sending a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php...