Lucene search
K

334 matches found

OSV
OSV
added 2024/10/17 2:15 a.m.5 views

CVE-2024-45767

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2024/10/17 2:15 a.m.3 views

CVE-2024-45766

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...

8.8CVSS5.9AI score0.00531EPSS
Exploits0References1
NVD
NVD
added 2024/10/17 2:15 a.m.23 views

CVE-2024-45766

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...

8.8CVSS0.00531EPSS
Exploits0References1
NVD
NVD
added 2024/10/17 2:15 a.m.16 views

CVE-2024-45767

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

6.5CVSS0.00312EPSS
Exploits0References1
CVE
CVE
added 2024/10/17 2:5 a.m.62 views

CVE-2024-45767

Dell OpenManage Enterprise (OME) before 4.2.0 contains an SQL injection vulnerability due to improper neutralization of special elements in SQL commands. A low-privilege, remote attacker could cause information disclosure. Publicly documented in CVE-2024-45767 and corroborated by NVD/CVEC/Vuln en...

6.5CVSS7.7AI score0.00312EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/17 2:5 a.m.13 views

CVE-2024-45767

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

4.3CVSS7.4AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/17 2:5 a.m.20 views

CVE-2024-45767

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

4.3CVSS0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/17 1:59 a.m.7 views

CVE-2024-45766

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...

8CVSS7.2AI score0.00531EPSS
Exploits0References1
CVE
CVE
added 2024/10/17 1:59 a.m.55 views

CVE-2024-45766

Dell OpenManage Enterprise (OME) versions 4.1 and earlier are affected by a code generation/Code Injection vulnerability that could allow a low-privileged, remote attacker to achieve code execution. The issue stems from improper controls over code generation and is documented across multiple sour...

8.8CVSS7.4AI score0.00531EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/17 1:59 a.m.73 views

CVE-2024-45766

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...

8CVSS0.00531EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/17 12:0 a.m.5 views

Dell OpenManage Enterprise 代码注入漏洞

Dell OpenManage Enterprise is an easy-to-use, one-to-many system management console for IT infrastructure management from Dell, Inc. The software enables cost-effective, comprehensive lifecycle management of Dell EMC PowerEdge servers from a single console. A code injection vulnerability exists i...

8.8CVSS7.7AI score0.00531EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.4 views

Dell OpenManage Enterprise SQL注入漏洞

Dell OpenManage Enterprise is an easy-to-use, one-to-many system management console for IT infrastructure management from Dell, Inc. The software supports cost-effective, comprehensive lifecycle management of Dell EMC PowerEdge servers from a single console. A SQL injection vulnerability exists i...

6.5CVSS7.6AI score0.00312EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.12 views

PT-2024-7333

Name of the Vulnerable Software and Affected Versions: Dell OpenManage Enterprise versions OME 4.1 and prior Description: The issue is related to improper control of code generation, which could allow a remote attacker with low privileges to execute arbitrary code. This is a code injection...

9CVSS7.5AI score0.00531EPSS
Exploits0References14
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.138 views

Dell OpenManage POST Request Heap Overflow (win32)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dell OpenManage POST Request Heap Overflow win32', 'Description' = %q This module exploits a heap overflow in the Dell OpenManage Web Server...

5CVSS7AI score0.1583EPSS
Exploits2
OSV
OSV
added 2024/06/11 2:15 a.m.5 views

CVE-2024-37130

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References1
NVD
NVD
added 2024/06/11 2:15 a.m.24 views

CVE-2024-37130

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the...

7.8CVSS0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/11 1:34 a.m.25 views

CVE-2024-37130

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the...

7.3CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 2024/06/11 1:34 a.m.58 views

CVE-2024-37130

CVE-2024-37130 (Dell OpenManage Server Administrator) is a Local Privilege Escalation via XSL Hijacking . Affected: Dell OpenManage Server Administrator versions 11.0.1.0 and prior . Root cause: an XSL hijack path enabling a local, low-privileged user to escalate to the admin user, potentially le...

7.8CVSS7.3AI score0.0017EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2024/06/11 12:0 a.m.7 views

Dell OpenManage Server Administrator Local Lift Vulnerability

Dell OpenManage Server Administrator is a server management tool for server monitoring and configuration. Dell OpenManage Server Administrator suffers from a local elevation vulnerability caused by XSL Hijacking, which can be exploited by a low-privileged attacker to elevate to administrator...

7.8CVSS6.7AI score0.0017EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.7 views

Dell OpenManage Server Administrator 代码问题漏洞

Dell OpenManage Server Administrator is a server management tool for server monitoring and configuration. Dell OpenManage Server Administrator suffers from a local elevation vulnerability caused by XSL Hijacking, which can be exploited by a low-privileged attacker to elevate to administrator...

7.8CVSS6.6AI score0.0017EPSS
Exploits0References3
Rows per page
Query Builder