Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bacula bacula vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-15367
Bacula-web prior to 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an malicious user to access the Bacula database and, depending on configuration, escalate privileges on the server.
Bacula Bacula-web 8.0.0
Bacula Bacula-web
1 EDB exploit
7.5
CVSSv2
CVE-2014-8295
SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote malicious users to execute arbitrary SQL commands via the jobid parameter.
Bacula Bacula-web 5.2.10
1 EDB exploit
4
CVSSv2
CVE-2012-4430
The dump_resource function in dird/dird_conf.c in Bacula prior to 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.
Bacula Bacula
Debian Debian Linux 7.0
Debian Debian Linux 6.0
6.9
CVSSv2
CVE-2008-5373
mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mtx.##### temporary file, probably a related issue to CVE-2005-2995.
Bacula Bacula 2.4.2
2.1
CVSSv2
CVE-2007-5626
make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent malicious users to obtain the password by listing the process and it...
Bacula Bacula
3.6
CVSSv2
CVE-2005-2995
bacula 1.36.3 and previous versions allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.
Bacula Bacula
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started