CVE-2026-44925

Cross-Site Request Forgery CSRF vulnerability in InfoScale v.9.1.3 Operations Manager VIOM allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge...

CVE-2022-26484

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...

EUVD-2023-36813

Malicious code in bioql PyPI...

EUVD-2023-42221

Malicious code in bioql PyPI...

EUVD-2022-31041

Malicious code in bioql PyPI...

CVE-2023-32569

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers who must have admin credentials to submit arbitrary SQL...

CVE-2023-38404

The XPRTLD web application in Veritas InfoScale Operations Manager VIOM before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server...

CVE-2023-38404

The XPRTLD web application in Veritas InfoScale Operations Manager VIOM before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server...

Command injection

The XPRTLD web application in Veritas InfoScale Operations Manager VIOM before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server...

PT-2023-26408 · Veritas · Veritas Infoscale Operations Manager

Name of the Vulnerable Software and Affected Versions: Veritas InfoScale Operations Manager VIOM versions prior to 8.0.0.410 Description: The issue allows an authenticated attacker to upload all types of files to the server, which can then be executed to perform command execution on the remote...

CVE-2023-38404

The XPRTLD web application in Veritas InfoScale Operations Manager VIOM before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server...

CVE-2023-32568

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level...

Design/Logic Flaw

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level...

Veritas Technologies Infoscale Operations Manager 操作系统命令注入漏洞

Veritas Technologies Infoscale Operations Manager is a suite of software from Veritas Technologies, Inc. that is used to manage the entire InfoScale deployment. The software provides multi-cluster management, customized interfaces, and centralized audit logging. A security vulnerability exists in...

CVE-2023-32568

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level...

CVE-2023-32569

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers who must have admin credentials to submit arbitrary SQL...

CVE-2023-32569

The CVE-2023-32569 entry affects Veritas InfoScale Operations Manager (VIOM). The VIOM web application contains a SQL Injection flaw in certain areas that can be exploited to execute arbitrary SQL commands on the back-end database, leading to creation/reading/updating/deleting of sensitive data. ...

PT-2023-8939 · Veritas · Veritas Infoscale Operations Manager

Name of the Vulnerable Software and Affected Versions: Veritas InfoScale Operations Manager versions prior to 7.4.2.800 Veritas InfoScale Operations Manager versions 8.x prior to 8.0.410 Description: The issue arises from the VIOM web application's failure to validate user-supplied data, which is...

Veritas Infoscale Operations Manager跨站脚本漏洞

Veritas Infoscale Operations Manager is a suite of software from Veritas, Inc. for the management of entire InfoScale deployments. A cross-site scripting vulnerability exists in Veritas InfoScale Operations Manager, which stems from a lack of filtering and escaping of user-submitted parameters in...

Veritas InfoScale Operations Manager路径遍历漏洞

Veritas Infoscale Operations Manager is a suite of software from Veritas USA for the management of entire InfoScale deployments. Veritas InfoScale Operations Manager is vulnerable to a path traversal vulnerability in the web server admin/cgi-bin/rulemgr.pl/getfile/, which is caused by a lack of...