Vulnerabilities > Commvault > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-13 | CVE-2021-34996 | Unspecified vulnerability in Commvault Commcell 11.22.22 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. | 9.0 |
| 2018-01-19 | CVE-2017-18044 | OS Command Injection vulnerability in Commvault 11.0 A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. | 10.0 |
| 2017-12-16 | CVE-2017-3195 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Commvault Edge 11.0.0 Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execution with administrative privileges. | 10.0 |
| 2015-11-04 | CVE-2015-7253 | OS Command Injection vulnerability in Commvault Edge Server 10 The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie. | 10.0 |