Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbackup vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-36169
An issue exists in Veritas NetBackup up to and including 8.3.0.1 and OpsCenter up to and including 8.3.0.1. Processes using OpenSSL attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users...
Veritas Netbackup
Veritas Opscenter
7.2
CVSSv2
CVE-2020-36163
An issue exists in Veritas NetBackup and OpsCenter up to and including 8.3.0.1. NetBackup processes using Strawberry Perl attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can creat...
Veritas Netbackup
Veritas Opscenter
NA
CVE-2023-26789
Veritas NetBackUp OpsCenter Version 9.1.0.1 is vulnerable to Reflected Cross-site scripting (XSS). The Web App fails to adequately sanitize special characters. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user'...
Veritas Netbackup Opscenter 9.1.0.1
NA
CVE-2022-46410
An issue exists in Veritas NetBackup Flex Scale up to and including 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands.
Veritas Netbackup Flex Scale Appliance
NA
CVE-2022-46412
An issue exists in Veritas NetBackup Flex Scale up to and including 3.0. A non-privileged user may escape a restricted shell and execute privileged commands.
Veritas Netbackup Flex Scale Appliance
NA
CVE-2023-26788
Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks. HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address.
Veritas Netbackup Appliance Firmware 4.1.0.1
7.5
CVSSv2
CVE-2002-1374
The COM_CHANGE_USER command in MySQL 3.x prior to 3.23.54, and 4.x prior to 4.0.6, allows remote malicious users to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the...
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.39
Oracle Mysql 3.23.4
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.53a
Oracle Mysql 3.23.8
Symantec Veritas Netbackup Advanced Reporter 3.4
Symantec Veritas Netbackup Advanced Reporter 4.5
Symantec Veritas Netbackup Global Data Manager 4.5
Symantec Veritas Netbackup Global Data Manager 4.5 Fp1
Oracle Mysql 3.22.26
Oracle Mysql 3.23.2
Oracle Mysql 3.23.23
Oracle Mysql 3.23.30
Oracle Mysql 3.23.31
Oracle Mysql 3.23.40
Oracle Mysql 3.23.41
Oracle Mysql 3.23.48
1 EDB exploit
7.5
CVSSv2
CVE-2002-1375
The COM_CHANGE_USER command in MySQL 3.x prior to 3.23.54, and 4.x to 4.0.6, allows remote malicious users to execute arbitrary code via a long response.
Oracle Mysql 3.22.27
Oracle Mysql 3.22.28
Oracle Mysql 3.23.24
Oracle Mysql 3.23.25
Oracle Mysql 3.23.31
Oracle Mysql 3.23.34
Oracle Mysql 3.23.36
Oracle Mysql 3.23.42
Oracle Mysql 3.23.43
Oracle Mysql 3.23.5
Oracle Mysql 3.23.50
Oracle Mysql 4.0.1
Oracle Mysql 4.0.2
Symantec Veritas Netbackup Advanced Reporter 4.5 Fp3
Symantec Veritas Netbackup Advanced Reporter 4.5 Mp1
Symantec Veritas Netbackup Global Data Manager 4.5 Mp1
Symantec Veritas Netbackup Global Data Manager 4.5 Mp2
Oracle Mysql 3.22.29
Oracle Mysql 3.22.30
Oracle Mysql 3.23.26
Oracle Mysql 3.23.27
Oracle Mysql 3.23.37
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2002-1376
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote malicious users to cause a denial of service and possibly execute arbitrary...
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.28
Oracle Mysql 3.23.29
Oracle Mysql 3.23.38
Oracle Mysql 3.23.39
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.53
Oracle Mysql 3.23.53a
Oracle Mysql 4.0.5a
Symantec Veritas Netbackup Advanced Reporter 3.4
Symantec Veritas Netbackup Global Data Manager 4.5
Symantec Veritas Netbackup Global Data Manager 4.5 Fp1
Oracle Mysql 3.23.2
Oracle Mysql 3.23.23
Oracle Mysql 3.23.3
Oracle Mysql 3.23.30
Oracle Mysql 3.23.4
Oracle Mysql 3.23.40
Oracle Mysql 3.23.48
Oracle Mysql 3.23.49
NA
CVE-2022-46411
An issue exists in Veritas NetBackup Flex Scale up to and including 3.0 and Access Appliance up to and including 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges.
Veritas Netbackup Flex Scale Appliance
Veritas Access Appliance
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »