Vulnerabilities > Veeam > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-07 | CVE-2024-40711 | Deserialization of Untrusted Data vulnerability in Veeam Backup & Replication 12.0.0.1420 A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). | 9.8 |
| 2023-11-07 | CVE-2023-38547 | Unspecified vulnerability in Veeam ONE A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. | 9.8 |
| 2022-12-05 | CVE-2022-43549 | Improper Authentication vulnerability in Veeam Backup for Google Cloud 1.0/3.0 Improper authentication in Veeam Backup for Google Cloud v1.0 and v3.0 allows attackers to bypass authentication mechanisms. | 9.8 |
| 2022-03-17 | CVE-2022-26501 | Missing Authentication for Critical Function vulnerability in Veeam Backup & Replication Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). | 9.8 |
| 2021-06-30 | CVE-2021-35971 | Deserialization of Untrusted Data vulnerability in Veeam Backup & Replication Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting. | 9.8 |
| 2020-04-22 | CVE-2020-10915 | Deserialization of Untrusted Data vulnerability in Veeam ONE 9.5.4.4587 This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. | 9.8 |
| 2020-04-22 | CVE-2020-10914 | Deserialization of Untrusted Data vulnerability in Veeam ONE 9.5.4.4587 This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. | 9.8 |