A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. This affects an unknown part of the file material_bill.php of the component HTTP POST Request Handler. The manipulation of the argument itemtypeid leads to sql injection. It is possible to initiate the.....
9.8CVSS
9.7AI Score
0.001EPSS
Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain...
6.5AI Score
0.015EPSS
Summary Vulnerabilities in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products Vulnerability Details ** CVEID: CVE-2023-22081 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow a remote...
5.9CVSS
7.1AI Score
0.001EPSS
A vulnerability classified as problematic has been found in PHP Jabbers Cleaning Business 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the attack remotely. VDB-235962 is the identifier...
6.1CVSS
6AI Score
0.003EPSS
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been rated as critical. This issue affects the function setMainSource. The manipulation leads to os command injection. Local access is required to approach this attack. The exploit has been disclosed to the public.....
7.8CVSS
8AI Score
0.0005EPSS
A vulnerability was found in PHP Jabbers Shuttle Booking Software 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this...
6.1CVSS
6AI Score
0.002EPSS
How to Configure WDS to PXE Boot Veeam Agent for Microsoft Windows Recovery Media
This article documents a method to configure Windows Deployment Services (WDS) to PXE boot the Veeam Agent for Microsoft Windows Recovery Media over a...
7AI Score
This High severity org.apache.xmlgraphics:batik-bridge Dependency vulnerability was introduced in versions 8.20.0, 8.22.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Jira Software Data Center and Server. This org.apache.xmlgraphics:batik-bridge Dependency vulnerability, with a CVSS...
7.5CVSS
7.2AI Score
0.001EPSS
JA4+ - Suite Of Network Fingerprinting Standards
JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session.....
7AI Score
A vulnerability was found in PHP Jabbers Night Club Booking Software 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack may be initiated remotely. The identifier.....
6.1CVSS
6AI Score
0.004EPSS
A vulnerability was found in AWS SDK 2.59.0. It has been rated as critical. This issue affects the function XpathUtils of the file aws-android-sdk-core/src/main/java/com/amazonaws/util/XpathUtils.java of the component XML Parser. The manipulation leads to server-side request forgery. Upgrading to.....
9.8CVSS
9.5AI Score
0.002EPSS
How to Configure PXE Booting of Veeam Agent for Linux Recovery Media
This article documents how to configure Linux to PXE boot the Veeam Agent for Linux Recovery Media over a...
7AI Score
VSS Snapshot Creation Delay on Server with DFSR Enabled
When preparing the DFS VSS writer for backup, the Veeam Agent gets into a recursion while checking the files in the scope of the DFS...
7.1AI Score
A vulnerability was found in Little Apps Little Software Stats. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file inc/class.securelogin.php of the component Password Reset Handler. The manipulation leads to improper access controls. The...
9.8CVSS
9.5AI Score
0.001EPSS
Summary A vulnerability in Apache Tomcat affects the product's management GUI, potentially allowing HTTP request smuggling and the obtaining of sensitive information. The Command Line Interface is unaffected. Vulnerability Details ** CVEID: CVE-2023-45648 DESCRIPTION: **Apache Tomcat is...
7.5CVSS
7.4AI Score
0.01EPSS
This High severity org.apache.xmlgraphics:batik-bridge Dependency RCE (Remote Code Execution) vulnerability was introduced in versions 8.20.0, 8.22.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, and 9.7.0 of Jira Software Data Center and Server. This org.apache.xmlgraphics:batik-bridge...
7.5CVSS
7.7AI Score
0.011EPSS
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the SitePages...
4.8CVSS
5.9AI Score
0.001EPSS
Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...
8.2CVSS
6.2AI Score
0.001EPSS
Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers...
6.6AI Score
0.01EPSS
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading....
9.8CVSS
9.8AI Score
0.002EPSS
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed...
5.4CVSS
5.9AI Score
0.002EPSS
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline...
5.4CVSS
5.9AI Score
0.002EPSS
Open redirect vulnerability has been found in the Open CMS product affecting versions 14 and 15 of the 'Mercury' template. An attacker could create a specially crafted URL and send it to a specific user to redirect them to a malicious site and compromise them. Exploitation of this vulnerability is....
6.1CVSS
6.6AI Score
0.01EPSS
This error occurs when the storage device is formatted with a 4k logical block size and the Veeam Data Mover Service does not have sufficient permissions to determine the logical block...
7AI Score
'Events data collection failure' Issue
This article provides guidance to troubleshooting Veeam Backup and Replication/Hyper-V event collection...
7.1AI Score
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at...
7.5CVSS
7.5AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the 'Mercury' template. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload to a victim and partially take control of their browsing...
6.1CVSS
6.1AI Score
0.001EPSS
Veeam Repair/Reinstall/Update fails with "The following SQL database patches are missed"
When attempting to repair, reinstall, or update Veeam Backup & Replication the process may fail with "The following SQL database patches are missed." This article discusses the cause and effective methods to work around this...
1.7AI Score
Replication job to a VVOL target will fail with the error below:Task..vm- will contain following error:[TIMESTAMP] <21> Info [AP] (5e06)...
0.5AI Score
Deduplication Appliance Best Practices
This article provides links to documentation regarding the optimal configuration of Veeam Backup & Replication when using deduplicated storage and provides generalized configuration...
6.9AI Score
Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
7.8CVSS
7.4AI Score
0.0004EPSS
KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the...
8.8CVSS
6AI Score
0.0004EPSS
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function changedSource. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the...
7.8CVSS
7.6AI Score
0.0004EPSS
By default, these components are only aware of publicly available Certification Authorities. If an Internal CA is used to sign the Cluster or Veeam Backup & Replication certificate, these components will fail to verify the certificate, and communication will...
7.1AI Score
File Level Restore - FUSE mount is not supported on kernel versions 4.0.0-4.1.33.
Recovery from backup on a machine running Linux kernel of one of versions 4.0.0-4.1.33 typically fails with ‘FUSE mount is not supported on kernel versions 4.0.0-4.1.33. Upgrade the kernel and try...
7AI Score
Error: Backup proxy is missing C++ runtime components
This error occurs when the VDDK libraries on the VMware Backup Proxy could not be...
6.9AI Score
Cisco IOS and IOS XE Software SNMP Extended Named Access Control List Bypass Vulnerability
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to...
7AI Score
EPSS
A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file party_submit.php of the component HTTP POST Request Handler. The manipulation of the argument party_name leads to sql injection. The attack can be...
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in Kashipara Billing Software 1.0. Affected by this issue is some unknown functionality of the file submit_delivery_list.php of the component HTTP POST Request Handler. The manipulation of the argument customer_details leads to sql.....
9.8CVSS
9.6AI Score
0.001EPSS
A vulnerability classified as critical was found in Kashipara Billing Software 1.0. Affected by this vulnerability is an unknown functionality of the file buyer_detail_submit.php of the component HTTP POST Request Handler. The manipulation of the argument gstn_no leads to sql injection. The attack....
9.8CVSS
9.8AI Score
0.001EPSS
Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory...
6.5AI Score
0.046EPSS
In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llc_rcv on a tun device. Tun can insert packets without mac len...
6.5AI Score
0.0004EPSS
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image...
6.9AI Score
0.0004EPSS
How to Reinstall the Veeam Transport Service on a Linux Server
This article documents the procedure for redeploying the Veeam Transport (Data Mover) Service on a Linux server managed by Veeam Backup & Replication without removing it from Veeam Backup &...
2.1AI Score
Release Information for Veeam Service Provider Console 7 Cumulative Patches
Release Information for Veeam Service Provider Console 7 Cumulative...
6.7AI Score
VM Disks Support for oVirt Incremental Backup
Backup warning: "Unable to enabled ovirt incremental backups for disk. Full scan backups will be...
7.1AI Score
1.5AI Score
In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the bug. write$tun(r0,...
5.8AI Score
0.0004EPSS
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline...
5.4CVSS
5.9AI Score
0.002EPSS
Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash and unresponsiveness) because some inputs cause a segfault in the Transaction class for some...
7.5CVSS
7.1AI Score
0.001EPSS