25 matches found
EUVD-2024-37505
Malicious code in bioql PyPI...
EUVD-2024-37506
Malicious code in bioql PyPI...
EUVD-2024-38201
Malicious code in bioql PyPI...
EUVD-2024-38200
Malicious code in bioql PyPI...
EUVD-2024-39885
Malicious code in bioql PyPI...
CVE-2024-38650
An authentication bypass vulnerability can allow a low privileged attacker to access the NTLM hash of service account on the VSPC server...
CVE-2024-39714
A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server...
CVE-2024-42448
From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution RCE on the VSPC server machine...
CVE-2024-42449
From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary files on the VSPC server machine...
CVE-2024-38651
A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server...
CVE-2024-38650
An authentication bypass vulnerability can allow a low privileged attacker to access the NTLM hash of service account on the VSPC server...
CVE-2024-39714
A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server...
CVE-2024-39715
A code injection vulnerability that allows a low-privileged user with REST API access granted to remotely upload arbitrary files to the VSPC server using REST API, leading to remote code execution on VSPC server...
CVE-2024-38651
A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server...
CVE-2024-39714
A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server...
CVE-2024-38650
CVE-2024-38650 affects Veeam Service Provider Console (VSPC) server. It describes an authentication bypass allowing a low-privileged attacker to access the NTLM hash of the service account on the VSPC server. The vulnerability is addressed in VSPC by an update: fixed starting with Veeam Service P...
CVE-2024-39715
CVE-2024-39715 describes a code injection vulnerability in Veeam Service Provider Console (VSPC) where a low-privileged user with REST API access can remotely upload arbitrary files to the VSPC server, leading to remote code execution. The description is consistent across multiple sources (NVD, R...
CVE-2024-39715
A code injection vulnerability that allows a low-privileged user with REST API access granted to remotely upload arbitrary files to the VSPC server using REST API, leading to remote code execution on VSPC server...
CVE-2024-38651
A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server...
CVE-2024-38651
CVE-2024-38651 affects Veeam Service Provider Console (VSPC); a low-privileged user can overwrite files on the VSPC server, enabling remote code execution. The vulnerability is listed under VSPC issue details and is addressed in VSPC 8.1 (build 8.1.0.21377). Exploit status is not detailed in the ...