Vulnerabilities > Veeam

DATE CVE VULNERABILITY TITLE RISK
2020-04-22 CVE-2020-10914 Deserialization of Untrusted Data vulnerability in Veeam ONE 9.5.4.4587
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587.
network
low complexity
veeam CWE-502
critical
 9.8
9.8
2019-07-27 CVE-2019-14298 Cross-site Scripting vulnerability in Veeam ONE Reporter 9.5.0.3201
Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx.
network
low complexity
veeam CWE-79
5.4
5.4
2019-07-27 CVE-2019-14297 Cross-site Scripting vulnerability in Veeam ONE Reporter 9.5.0.3201
Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx.
network
low complexity
veeam CWE-79
5.4
5.4
2019-05-06 CVE-2019-11569 Cross-Site Request Forgery (CSRF) vulnerability in Veeam ONE Reporter 9.5.0.3201
Veeam ONE Reporter 9.5.0.3201 allows CSRF.
network
low complexity
veeam CWE-352
8.8
8.8