Vulnerabilities > Veritas > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-03 CVE-2022-42302 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
9.8
2022-10-03 CVE-2022-42303 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
9.8
2022-10-03 CVE-2022-42304 SQL Injection vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products.
network
low complexity
veritas CWE-89
critical
9.8
2022-10-03 CVE-2022-42307 XXE vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products.
network
low complexity
veritas CWE-611
critical
9.8
2022-07-28 CVE-2022-36986 Unspecified vulnerability in Veritas products
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products).
network
low complexity
veritas
critical
9.8
2022-07-27 CVE-2022-36950 Unspecified vulnerability in Veritas Netbackup
In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may be able to perform remote command execution through a Java classloader manipulation.
network
low complexity
veritas
critical
9.8
2022-07-27 CVE-2022-36951 Unspecified vulnerability in Veritas Netbackup
In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched vulnerability.
network
low complexity
veritas
critical
9.8
2022-07-27 CVE-2022-36952 Use of Hard-coded Credentials vulnerability in Veritas Netbackup
In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem.
network
low complexity
veritas CWE-798
critical
9.8
2022-04-01 CVE-2022-22965 Code Injection vulnerability in multiple products
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
network
low complexity
vmware cisco oracle siemens veritas CWE-94
critical
9.8
2021-12-06 CVE-2021-44677 Deserialization of Untrusted Data vulnerability in Veritas Enterprise Vault
An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2.
network
low complexity
veritas CWE-502
critical
9.8