A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthe…

This vulnerability allows remote attackers to execute arbitrary code on affected installations …

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in th…

This vulnerability allows remote attackers to disclose sensitive information on affected instal…

This vulnerability allows remote attackers to execute arbitrary code on affected installations …

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator

From the VSPC management agent machine, under condition that the management agent is authorized…

A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Cl…

A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL s…

Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterpris…

A vulnerability allowing remote code execution (RCE) for domain users.

A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoti…

A vulnerability in Veeam ONE allows a user with the Veeam ONE Read-Only User role to view the D…

A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Cl…

A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated d…

A vulnerability allowing an authenticated user with the Backup Operator role to modify backup j…

This vulnerability allows remote attackers to disclose sensitive information on affected instal…

Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x all…

From the VSPC management agent machine, under condition that the management agent is authorized…

Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).

Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used…

Veeam ONE Reporter 9.5.0.3201 allows CSRF.

Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) serv…

This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postg…

A vulnerability allowing an authenticated user with the Backup Administrator role to perform re…

A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account cr…

Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507…

A code injection vulnerability that permits a low-privileged user to upload arbitrary files to …

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on…

This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the …

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on…

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on…

A series of related high-severity vulnerabilities, the most notable enabling remote code execut…

A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres…

VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has…

A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated d…

Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise m…

A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated d…

A code injection vulnerability that allows a low-privileged user with REST API access granted t…

A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC …