CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2023/10/05 5:12 p.m.•44 views

CVE-2023-4401

Dell SmartFabric Storage Software (Dell) vulnerability CVE-2023-4401: OS command injection in the CLI using the more command affects v1.4 and earlier, enabling root-level access for authenticated users (local/remote). Root cause: command injection via CLI command parsing. Impact: potential full s...

8.8CVSS8.5AI score0.00683EPSS

CNNVD•added 2023/10/05 12:0 a.m.•4 views

Dell SmartFabric Storage Software 操作系统命令注入漏洞

Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. Dell SmartFabric Storage Software suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary commands...

8.8CVSS8AI score0.00766EPSS

CNNVD•added 2023/10/05 12:0 a.m.•3 views

Dell SmartFabric Storage Software 安全漏洞

Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. Dell SmartFabric Storage Software version 1.4 suffers from an HTML injection vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...

5.4CVSS7.1AI score0.00307EPSS

CNNVD•added 2023/10/05 12:0 a.m.•5 views

Dell SmartFabric Storage Software 访问控制错误漏洞

Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. Dell SmartFabric Storage Software suffers from an Access Control Error vulnerability that stems from an incorrect access control vulnerability contained in the CLI. An attacker could exploit this...

7.8CVSS7.4AI score0.00153EPSS

CNNVD•added 2023/10/05 12:0 a.m.•2 views

Dell SmartFabric Storage Software 输入验证错误漏洞

Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. An elevation of privilege vulnerability exists in Dell SmartFabric Storage Software that originates from the inclusion of incorrect input validation. An attacker could exploit the vulnerability to elevate...

9.8CVSS6.9AI score0.0071EPSS

CNNVD•added 2023/10/05 12:0 a.m.•4 views

Dell SmartFabric Storage Software 操作系统命令注入漏洞

8.8CVSS8.1AI score0.00683EPSS

CNNVD•added 2023/10/05 12:0 a.m.•6 views

Dell SmartFabric Storage Software 操作系统命令注入漏洞

7.8CVSS8.1AI score0.00468EPSS

OSV•added 2023/08/11 3:15 a.m.•1 views

CVE-2022-45112

Improper access control in some IntelR VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00153EPSS

CNNVD•added 2023/07/07 12:0 a.m.•5 views

IBM Cloud Object System 跨站脚本漏洞

IBM Cloud Object System is a data cloud storage software from International Business Machines IBM. A security vulnerability exists in IBM Cloud Object System version 3.15.8.97, which stems from susceptibility to a stored cross-site scripting attack that allows a user to embed arbitrary JavaScript...

6.4CVSS5.6AI score0.00362EPSS

Exploits0References3

BDU FSTEC•added 2023/06/26 12:0 a.m.•3 views

The vulnerability of Western Digital MyCloud OS, a network storage software, allows a hacker to execute arbitrary code.

The vulnerability of Western Digital MyCloud OS network storage software exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.1AI score0.01483EPSS

Exploits0References5Affected Software8

CVE•added 2022/11/01 2:9 a.m.•68 views

CVE-2022-3191

Hitachi Ops Center Analyzer (Linux) is affected in the Virtual Storage Software Agent component. CVE-2022-3191 describes a vulnerability where sensitive information can be inserted into log files, enabling local users to access sensitive data. Affected versions are 10.8.1-00 through 10.9.0-00. Ro...

6.6CVSS5.7AI score0.00169EPSS

Positive Technologies•added 2022/10/17 12:0 a.m.•3 views

PT-2022-22866 · Sourcecodester · Simple Cold Storage Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Cold Storage Management System version 1.0 Description: A vulnerability was found in the Avatar Handler component, affecting the file /csms/admin/?page=user/manage user. This issue leads to unrestricted upload and can be...

7.2CVSS6.9AI score0.00536EPSS

Exploits0References5

CNVD•added 2022/09/01 12:0 a.m.•15 views

Dell SmartFabric storage software command injection vulnerability

Dell SmartFabric Storage Software is a stand-alone storage software solution from Dell USA. A command injection vulnerability exists in Dell SmartFabric storage software version 1.0.0, which arises from a failure of a network system or product to properly filter special characters, commands, etc...

9.8CVSS9.8AI score0.00809EPSS

OSV•added 2022/08/30 9:15 p.m.•0 views

CVE-2022-31232

SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system...

9.8CVSS5.8AI score

Prion•added 2022/08/30 9:15 p.m.•13 views

Command injection

7.5CVSS9.6AI score0.00809EPSS

CVE•added 2022/08/30 8:25 p.m.•45 views

CVE-2022-31232

CVE-2022-31232 relates to Dell SmartFabric Storage software 1.0.0, where a Command-Injection flaw arises from improper input filtering that can enable a remote, unauthenticated attacker to execute arbitrary commands on the affected system. Affected product: SmartFabric storage software (Dell). Ro...

9.8CVSS9.6AI score0.00809EPSS

OSV•added 2021/09/10 4:15 a.m.•3 views

CVE-2018-19957

A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. This vulnerability allows remote attackers to launch privacy and security attacks. We have already fixed this vulnerability in the following versions: QTS...

6.1CVSS5.8AI score0.00685EPSS