Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
veritas netbackup server vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-42301
An issue exists in Veritas NetBackup up to and including 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process.
Veritas Netbackup
9.8
CVSSv3
CVE-2022-42304
An issue exists in Veritas NetBackup up to and including 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code.
Veritas Netbackup
9.8
CVSSv3
CVE-2022-42307
An issue exists in Veritas NetBackup up to and including 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.
Veritas Netbackup
9.8
CVSSv3
CVE-2022-42303
An issue exists in Veritas NetBackup up to and including 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302.
Veritas Netbackup
6.5
CVSSv3
CVE-2022-42300
An issue exists in Veritas NetBackup up to and including 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. (Note: the watchdog service will automatically restart the process.)
Veritas Netbackup
7.2
CVSSv3
CVE-2019-9867
An issue exists in the Web Console in Veritas NetBackup Appliance up to and including 3.1.2. The proxy server password is displayed to an administrator.
Veritas Netbackup Appliance
NA
CVE-2002-1375
The COM_CHANGE_USER command in MySQL 3.x prior to 3.23.54, and 4.x to 4.0.6, allows remote malicious users to execute arbitrary code via a long response.
Oracle Mysql 3.22.27
Oracle Mysql 3.22.28
Oracle Mysql 3.23.24
Oracle Mysql 3.23.25
Oracle Mysql 3.23.31
Oracle Mysql 3.23.34
Oracle Mysql 3.23.36
Oracle Mysql 3.23.42
Oracle Mysql 3.23.43
Oracle Mysql 3.23.5
Oracle Mysql 3.23.50
Oracle Mysql 4.0.1
Oracle Mysql 4.0.2
Symantec Veritas Netbackup Advanced Reporter 4.5 Fp3
Symantec Veritas Netbackup Advanced Reporter 4.5 Mp1
Symantec Veritas Netbackup Global Data Manager 4.5 Mp1
Symantec Veritas Netbackup Global Data Manager 4.5 Mp2
Oracle Mysql 3.22.29
Oracle Mysql 3.22.30
Oracle Mysql 3.23.26
Oracle Mysql 3.23.27
Oracle Mysql 3.23.37
1 EDB exploit
1 Github repository
NA
CVE-2002-1374
The COM_CHANGE_USER command in MySQL 3.x prior to 3.23.54, and 4.x prior to 4.0.6, allows remote malicious users to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the...
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.39
Oracle Mysql 3.23.4
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.53a
Oracle Mysql 3.23.8
Symantec Veritas Netbackup Advanced Reporter 3.4
Symantec Veritas Netbackup Advanced Reporter 4.5
Symantec Veritas Netbackup Global Data Manager 4.5
Symantec Veritas Netbackup Global Data Manager 4.5 Fp1
Oracle Mysql 3.22.26
Oracle Mysql 3.23.2
Oracle Mysql 3.23.23
Oracle Mysql 3.23.30
Oracle Mysql 3.23.31
Oracle Mysql 3.23.40
Oracle Mysql 3.23.41
Oracle Mysql 3.23.48
1 EDB exploit
NA
CVE-2002-1376
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote malicious users to cause a denial of service and possibly execute arbitrary...
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.28
Oracle Mysql 3.23.29
Oracle Mysql 3.23.38
Oracle Mysql 3.23.39
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.53
Oracle Mysql 3.23.53a
Oracle Mysql 4.0.5a
Symantec Veritas Netbackup Advanced Reporter 3.4
Symantec Veritas Netbackup Global Data Manager 4.5
Symantec Veritas Netbackup Global Data Manager 4.5 Fp1
Oracle Mysql 3.23.2
Oracle Mysql 3.23.23
Oracle Mysql 3.23.3
Oracle Mysql 3.23.30
Oracle Mysql 3.23.4
Oracle Mysql 3.23.40
Oracle Mysql 3.23.48
Oracle Mysql 3.23.49
NA
CVE-2008-4339
Unspecified vulnerability in the Java Administration GUI (jnbSA) in Symantec Veritas NetBackup Server and NetBackup Enterprise Server 5.1 before MP7, 6.0 before MP7, and 6.5 prior to 6.5.2 allows remote authenticated users to gain privileges via unknown attack vectors related to ...
Symantec Netbackup Enterprise Server 5.1
Symantec Netbackup Server 6.5
Symantec Netbackup Server 6.0
Symantec Netbackup Server 5.1
Symantec Netbackup Enterprise Server 6.0
Symantec Netbackup Enterprise Server 6.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »