19 matches found
CVE-2026-22764
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2026-22764
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2026-22764
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2026-22764
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2026-22764
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2026-22764
Dell OpenManage Network Integration
Dell OpenManage Network Integration Authorization Issues Vulnerability
Dell OpenManage Network Integration OMNI is a network integration solution provided by the American company Dell. Versions of Dell OpenManage Network Integration prior to version 3.9 had an authorization issue vulnerability. This vulnerability stemmed from improper authentication procedures and...
PT-2026-5259
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
EUVD-2025-19568
Malicious code in bioql PyPI...
CVE-2025-36593
Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed...
CVE-2025-36593
Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed...
CVE-2025-36593
Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed...
PT-2025-27470 · Dell · Openmanage Network Integration
Name of the Vulnerable Software and Affected Versions: Dell OpenManage Network Integration versions prior to 3.8 Description: The issue is related to an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit th...
Johnsoncontrols Metasys Improper Restriction of XML External Entity Reference
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server ADS, ADS-Lite versions 10.1 and prior; Metasys Extended Application and...
New Zero-Trust API Offers Mobile Carrier Authentication to Developers
Zero Trust is increasingly being adopted as the best strategy to maintain application security and prevent data breaches. To help achieve progress on Zero Trust, there is now a new, easy way to implement continuous user verification by connecting directly to the authentication systems used by...
CVE-2020-8625
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the...
Default configuration
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the...
CVE-2020-9044
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server ADS, ADS-Lite versions 10.1 and prior; Metasys Extended Application and...
CVE-2014-5427
CVE-2014-5427 affects Johnson Controls Metasys 4.1–6.5 (ADS, ADX, LCS8520, NAE 55xx-x, NIE 5xxx-x, NxE8500). A remote, unauthenticated attacker can read password hashes via a POST request, exposing credentials and affecting confidentiality. Connected sources indicate multiple advisories and a pat...