Skip to main content

Bareos

5 CVEs product

Monthly

CVE-2022-24756 HIGH POC PATCH This Week

Bareos is open source software for backup, archiving, and recovery of data for operating systems. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Bareos
NVD GitHub
CVSS 3.1
7.5
EPSS
1.9%
CVE-2022-24755 CRITICAL POC PATCH Act Now

Bareos is open source software for backup, archiving, and recovery of data for operating systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Bareos
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2020-4042 MEDIUM This Month

Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Bareos
NVD GitHub
CVSS 3.1
6.8
EPSS
1.0%
CVE-2020-11061 HIGH This Week

In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Bareos Debian Linux
NVD GitHub
CVSS 3.1
7.4
EPSS
1.2%
CVE-2017-14610 HIGH This Week

bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Bareos
NVD
CVSS 3.0
7.8
EPSS
0.0%
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Bareos is open source software for backup, archiving, and recovery of data for operating systems. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Bareos
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

Bareos is open source software for backup, archiving, and recovery of data for operating systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Bareos
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM This Month

Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Bareos
NVD GitHub
EPSS 1% CVSS 7.4
HIGH This Week

In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Bareos +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Bareos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy