commvault systems inc.

Top products

The 11 most recently published vulnerabilities affecting commvault systems inc..

• CVE-2025-57790Path Traversal Vulnerability8.8Aug 20, 2025
• CVE-2025-3928Commvault Web Server unspecified vulnerabilityKEV8.8Apr 25, 2025
• CVE-2025-34028Commvault Command Center Innovation Release <= 11.38.25 Unathenticated Install Package Path TraversalKEV10.0Apr 22, 2025
• CVE-2021-34997This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the...8.8Jan 13, 2022
• CVE-2021-34996This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the...8.8Jan 13, 2022
• CVE-2021-34995This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the...8.8Jan 13, 2022
• CVE-2021-34994This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the...8.8Jan 13, 2022
• CVE-2021-34993This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The speci...9.8Jan 13, 2022
• CVE-2017-18044A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside the Commvault service does not properly validate ...9.8Jan 19, 2018
• CVE-2017-3195Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execut...9.8Dec 15, 2017
• CVE-2015-7253The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie.10.0Nov 4, 2015