Lucene search
K

44 matches found

NVD
NVD
added yesterday3 views

CVE-2026-50364

Improper link resolution before file access 'link following' in Windows Server Backup allows an authorized attacker to elevate privileges locally...

7.3CVSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-50364

Technical details (affected product/version, root cause, and fixes) are not publicly available in the provided documents. Monitor for updates.

7.3CVSS6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-58203

Name of the Vulnerable Software and Affected Versions Windows Server Backup affected versions not specified Description An improper link resolution issue before file access, known as link following, allows an authorized attacker to elevate privileges locally. This flaw enables a low-privilege...

7.3CVSS6AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/25 4:6 a.m.8 views

CVE-2025-9120

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

8.6CVSS5.5AI score0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/24 12:3 a.m.23 views

CVE-2025-9120 RCE vulnerability has been discovered in OpenText™ Carbonite Safe Server Backup.

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

8.6CVSS0.00158EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.9 views

OpenText Carbonite Safe Server Backup 代码注入漏洞

OpenText Carbonite Safe Server Backup is a hybrid cloud backup software developed by OpenText Corporation in Canada. Versions of OpenText Carbonite Safe Server Backup 6.8.3 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper code generation controls, whi...

8.6CVSS5.9AI score0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.14 views

PT-2026-4752

The web server of the Access Manager offers a functionality to download a backup of the local database stored on the device. This database contains the whole configuration. This includes encrypted MIFARE keys, card data, user PINs and much more. The PINs are even stored unencrypted. Combined with...

9.3CVSS5.9AI score0.00572EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/12/07 11:2 a.m.13 views

CVE-2025-14188

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

8.6CVSS6.7AI score0.02512EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/07 11:2 a.m.3 views

CVE-2025-14188 UGREEN DH2100+ nas_svr create handler_file_backup_create command injection

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

8.6CVSS6.7AI score0.02512EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-5392

Malware in sbrugna...

5.4CVSS5.5AI score0.00538EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-7311

Malware in sbrugna...

4.3CVSS4.8AI score0.01008EPSS
Exploits0References3
CNVD
CNVD
added 2024/10/17 12:0 a.m.5 views

JetBrains TeamCity Information Disclosure Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. An information disclosure vulnerability exists in...

7.5CVSS6.5AI score0.00526EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.5 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. An information disclosure vulnerability exists in...

7.5CVSS6.4AI score0.00526EPSS
Exploits0References2
OSV
OSV
added 2024/07/09 5:15 p.m.3 views

CVE-2024-38013

Microsoft Windows Server Backup Elevation of Privilege Vulnerability...

6.7CVSS5.8AI score0.00631EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.6 views

Microsoft Windows Server Security Vulnerabilities

Microsoft Windows Server is a suite of server operating systems from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Server Backup. An attacker could exploit the vulnerability to elevate privileges. The following products and editions are affected:Windows 10 Versio...

6.7CVSS6.6AI score0.00631EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.4 views

PT-2024-4974 · Microsoft · Windows Backup Service +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Server Backup affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Windows Backup Service, which is caused by incorrect handling of symbolic links before accessi...

6.8CVSS6.4AI score0.00631EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2023/07/25 8:15 p.m.1 views

CVE-2022-46900

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...

6.5CVSS6.9AI score0.0048EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/02/28 6:42 a.m.3 views

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. Tracked as CVE-2022-36537 CVSS score: 7.5, the issue impacts ZK Framework versions...

7.5CVSS7.1AI score0.95335EPSS
Exploits5
CISA KEV Catalog
CISA KEV Catalog
added 2023/02/27 12:0 a.m.40 views

ZK Framework AuUploader Unspecified Vulnerability

ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to...

7.5CVSS3.3AI score0.95335EPSS
In wildExploits5
GithubExploit
GithubExploit
added 2022/12/09 11:29 a.m.487 views

Exploit for CVE-2022-36537

CVE-2022-36537 Summary R1Soft Server Backup Manager uses t...

7.5CVSS8.2AI score0.95335EPSS
Exploits5
Rows per page
Query Builder