Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
31140466.9%CRITICAL

Related CVEs

100+
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-44925Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge.HIGH8.89.8%May 20, 2026
CVE-2026-44924InfoScale VIOM 9.1.3 allows XSS.MEDIUM5.411.0%May 20, 2026
CVE-2026-44923SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges.MEDIUM6.522.5%May 20, 2026
CVE-2024-53915An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.CRITICAL9.855.4%Nov 24, 2024
CVE-2024-53914An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.CRITICAL9.855.4%Nov 24, 2024
CVE-2024-53913An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.CRITICAL9.855.4%Nov 24, 2024
CVE-2024-53912An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.CRITICAL9.855.4%Nov 24, 2024
CVE-2024-53911An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.CRITICAL9.855.4%Nov 24, 2024
CVE-2024-53910An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.CRITICAL9.855.4%Nov 24, 2024
CVE-2024-53909An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.CRITICAL9.855.4%Nov 24, 2024
CVE-2024-52945An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL could be loaded, resulting in execution of the attacker's code in the user's security context.HIGH7.813.5%Nov 18, 2024
CVE-2024-52944An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user.MEDIUM5.426.2%Nov 18, 2024
CVE-2024-52943An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user.MEDIUM5.460.8%Nov 18, 2024
CVE-2024-52942An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24696. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user.MEDIUM5.426.2%Nov 18, 2024
CVE-2024-47854An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user.MEDIUM6.146.8%Oct 4, 2024
CVE-2024-33673An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path.HIGH7.85.2%Apr 26, 2024
CVE-2024-33672An issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary file deletion on protected files.HIGH7.16.4%Apr 26, 2024
CVE-2024-33671An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files.HIGH7.16.3%Apr 26, 2024
CVE-2024-28222In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated attacker to upload and execute a custom file.CRITICAL9.858.1%Mar 7, 2024
CVE-2024-27283A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed.HIGH7.247.7%Feb 22, 2024