📦 Commvault

This CVE describes a path traversal vulnerability that allows remote attackers to access files outside intended directories, potentially leading to remote code execution. It affects systems running vu...

CVE-2025-3928 is a vulnerability in Commvault Web Server that allows authenticated remote attackers to create and execute webshells, potentially leading to complete system compromise. This affects all...

This CVE describes a stored Cross-Site Scripting (XSS) vulnerability in the Report Builder component of WebConsole. Attackers with edit permissions can inject malicious scripts that execute when other...

This vulnerability allows unauthenticated attackers to execute API calls without credentials in Commvault software, bypassing authentication mechanisms. It affects systems using the vulnerable login m...

This vulnerability allows remote attackers to gain administrative control of affected systems by exploiting default credentials during the brief setup window between installation and first administrat...