VYPR

Backup

by Comodo

CVEs (6)

  • CVE-2026-29200CriMay 4, 2026
    risk 0.64cvss epss 0.00

    A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator to impersonate any end-user account of other tenants on the same server via a vulnerable API call.

  • CVE-2018-25261HigApr 22, 2026
    risk 0.55cvss 8.4epss 0.00

    Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the…

  • CVE-2020-37246MedMay 16, 2026
    risk 0.40cvss 6.2epss 0.01

    Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers can modify the download parameter in admin.php requests with directory traversal…

  • CVE-2014-9633Feb 3, 2015
    risk 0.04cvss epss 0.08

    The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference.

  • CVE-2020-8427Feb 17, 2020
    risk 0.00cvss epss 0.01

    In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass.

  • CVE-2013-3685Feb 12, 2020
    risk 0.00cvss epss 0.00

    A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.