Veritas

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-44925 1Veritas 1Infoscale Operations Manager May 21, 2026 May 20, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended mo...Show more Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge.Show less
CVE-2026-44924 1Veritas 1Infoscale Operations Manager May 21, 2026 May 20, 2026 N/A· v4 5.4 MEDIUM· v3 N/A· v2 InfoScale VIOM 9.1.3 allows XSS.
CVE-2026-44923 1Veritas 1Infoscale Operations Manager May 21, 2026 May 20, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges.
CVE-2024-53915 1Veritas 1Enterprise Vault Nov 29, 2024 Nov 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserial...Show more An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.Show less
CVE-2024-53914 1Veritas 1Enterprise Vault Nov 29, 2024 Nov 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserial...Show more An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.Show less
CVE-2024-53913 1Veritas 1Enterprise Vault Nov 29, 2024 Nov 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserial...Show more An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.Show less
CVE-2024-53912 1Veritas 1Enterprise Vault Nov 29, 2024 Nov 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserial...Show more An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.Show less
CVE-2024-53911 1Veritas 1Enterprise Vault Nov 29, 2024 Nov 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserial...Show more An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.Show less
CVE-2024-53910 1Veritas 1Enterprise Vault Nov 29, 2024 Nov 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserial...Show more An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.Show less
CVE-2024-53909 1Veritas 1Enterprise Vault Nov 29, 2024 Nov 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserial...Show more An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It allows remote attackers to execute arbitrary code because untrusted data, received on a .NET Remoting TCP port, is deserialized.Show less
CVE-2024-52945 1Veritas 1Netbackup Apr 30, 2025 Nov 18, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social enginee...Show more An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL could be loaded, resulting in execution of the attacker's code in the user's security context.Show less
CVE-2024-52944 1Veritas 1Enterprise Vault Apr 30, 2025 Nov 18, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while vie...Show more An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user.Show less
CVE-2024-52943 1Veritas 1Enterprise Vault Apr 30, 2025 Nov 18, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) whi...Show more An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user.Show less
CVE-2024-52942 1Veritas 1Enterprise Vault Apr 30, 2025 Nov 18, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24696. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) whi...Show more An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24696. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user without sanitization if executed by that user.Show less
CVE-2024-47854 1Veritas 1Data Insight Oct 17, 2025 Oct 4, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitiza...Show more An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user.Show less
CVE-2024-33673 1Veritas 1Backup Exec Jun 30, 2025 Apr 26, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path.
CVE-2024-33672 1Veritas 1Netbackup Jun 10, 2025 Apr 26, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 An issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary file deletion on protected files.
CVE-2024-33671 1Veritas 1Backup Exec Jun 30, 2025 Apr 26, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files.
CVE-2024-28222 1Veritas 2Netbackup Netbackup Appliance Jan 21, 2025 Mar 7, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated attacker to upload and execute a custom file.
CVE-2024-27283 1Veritas 1Ediscovery Platform May 6, 2025 Feb 22, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed...Show more A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed.Show less

12 3 4 5 6 7 Next