Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bareos vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-4042
Bareos before version 19.2.8 and previous versions allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos di...
Bareos Bareos
Bareos Bareos 19.2.8
6
CVSSv2
CVE-2020-11061
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This...
Bareos Bareos
Bareos Bareos 18.2.4
Debian Debian Linux 9.0
4.6
CVSSv2
CVE-2017-14610
bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and previous versions create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modif...
Bareos Bareos
6.8
CVSSv2
CVE-2022-24755
Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 >= 18.2 but before 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expire...
Bareos Bareos
4.3
CVSSv2
CVE-2022-24756
Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 but before 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory....
Bareos Bareos
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started