Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (48 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-45204 1 Veeam 1 Veeam Backup \& Replication 2025-04-24 4.3 Medium
A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potentially leading to broader security vulnerabilities.
CVE-2022-43549 1 Veeam 1 Veeam Backup For Google Cloud 2025-04-24 9.8 Critical
Improper authentication in Veeam Backup for Google Cloud v1.0 and v3.0 allows attackers to bypass authentication mechanisms.
CVE-2015-5742 1 Veeam 1 Veeam Backup \& Replication 2025-04-12 N/A
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files.
CVE-2025-23120 1 Veeam 1 Veeam Backup \& Replication 2025-04-02 8.8 High
A vulnerability allowing remote code execution (RCE) for domain users.
CVE-2022-26504 1 Veeam 1 Veeam Backup \& Replication 2024-11-21 8.8 High
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe
CVE-2022-26503 2 Microsoft, Veeam 2 Windows, Veeam 2024-11-21 7.8 High
Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges.
CVE-2021-35971 1 Veeam 1 Veeam Backup \& Replication 2024-11-21 9.8 Critical
Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting.
CVE-2020-15518 1 Veeam 2 Veeam Availability Suite, Veeam Backup \& Replication 2024-11-21 8.8 High
VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests.