Export limit exceeded: 350615 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 80617 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80617 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-36997 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 7.1 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service. | ||||
| CVE-2022-36993 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 8.8 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. | ||||
| CVE-2022-36991 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 8.1 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server. | ||||
| CVE-2022-36989 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 8.8 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. | ||||
| CVE-2022-36988 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 8 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server. | ||||
| CVE-2022-36987 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 8.5 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server. | ||||
| CVE-2022-36986 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 8.6 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server. | ||||
| CVE-2022-36985 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 7.8 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges. | ||||
| CVE-2022-36984 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2024-11-21 | 7.7 High |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a NetBackup Primary server. | ||||
| CVE-2022-36955 | 1 Veritas | 1 Netbackup | 2024-11-21 | 7.8 High |
| In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. This affects 8.0 through 8.1.2, 8.2, 8.3 through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1. | ||||
| CVE-2022-36952 | 1 Veritas | 1 Netbackup | 2024-11-21 | 8.4 High |
| In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10. | ||||
| CVE-2022-36921 | 1 Jenkins | 1 Coverity | 2024-11-21 | 8.1 High |
| A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2022-36920 | 1 Jenkins | 1 Coverity | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2022-36916 | 1 Jenkins | 1 Google Cloud Backup | 2024-11-21 | 8.0 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup. | ||||
| CVE-2022-36900 | 1 Jenkins | 2 Compuware Zadviser Api, Jenkins | 2024-11-21 | 8.2 High |
| Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties. | ||||
| CVE-2022-36899 | 1 Jenkins | 2 Compuware Ispw Operations, Jenkins | 2024-11-21 | 8.2 High |
| Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties. | ||||
| CVE-2022-36889 | 1 Jenkins | 1 Deployer Framework | 2024-11-21 | 8.8 High |
| Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system to the selected service. | ||||
| CVE-2022-36883 | 2 Jenkins, Redhat | 2 Git, Openshift | 2024-11-21 | 7.5 High |
| A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit. | ||||
| CVE-2022-36882 | 2 Jenkins, Redhat | 2 Git, Openshift | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Git Plugin 4.11.3 and earlier allows attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit. | ||||
| CVE-2022-36881 | 2 Jenkins, Redhat | 2 Git Client, Openshift | 2024-11-21 | 8.1 High |
| Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks. | ||||