Veritas InfoScale VIOM SQL注入漏洞

Veritas InfoScale VIOM is an infrastructure monitoring and operations management platform for virtualized environments developed by Veritas Corporation in the United States. Versions of Veritas InfoScale VIOM prior to 9.1.3 contained a SQL injection vulnerability. This vulnerability stems from SQ...

Veritas InfoScale CmdServer 访问控制错误漏洞

Veritas InfoScale CmdServer is a command execution and remote management service component provided by Veritas Corporation in the US, designed for InfoScale cluster environments. Versions of Veritas InfoScale CmdServer prior to 7.4.2 contained an access control vulnerability, which was caused by...

Veritas InfoScale VIOM 跨站脚本漏洞

Veritas InfoScale VIOM is an infrastructure monitoring and operations management platform for virtualization environments developed by Veritas Corporation in the United States. Version 9.1.3 of Veritas InfoScale VIOM contains a cross-site scripting vulnerability, which stems from cross-site...

CVE-2022-26483

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...

CVE-2022-26484

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...

EUVD-2019-8489

Malware in sbrugna...

EUVD-2020-23744

Malware in sbrugna...

EUVD-2023-36812

Malicious code in bioql PyPI...

EUVD-2023-36813

Malicious code in bioql PyPI...

EUVD-2023-42221

Malicious code in bioql PyPI...

EUVD-2022-31041

Malicious code in bioql PyPI...

EUVD-2022-31042

Malicious code in bioql PyPI...

CVE-2023-32568

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level...

CVE-2019-18780

An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and earlier, Access Appliance 7.4.2 and earlier, Fl...

CVE-2020-36166

An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Windows, Storage Foundation through 6.1 on Windows, Storage Foundation HA through 6.1 on Windows, and InfoScale Operations Manager aka VIOM Windows Management Server 7.x through 7.4.2. On start-up, it loads the OpenSSL library from...

The vulnerability of the web application of the software platform for centralized management and monitoring of data storage resources in heterogeneous environments, Veritas InfoScale Operations Manager, allows a perpetrator to execute arbitrary commands.

The vulnerability of the web application of the centralized management and monitoring software for data storage resources in heterogeneous environments like Veritas InfoScale Operations Manager exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerabili...

Veritas InfoScale Operations Manager Installed (Windows)

Binary data veritasinfoscaleoperationsmanagerwininstalled.nbin...

Veritas InfoScale Operations Manager Installed (Linux)

Binary data veritasinfoscaleoperationsmanagernixinstalled.nbin...

CVE-2023-38404

The XPRTLD web application in Veritas InfoScale Operations Manager VIOM before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server...

CVE-2023-38404

The XPRTLD web application in Veritas InfoScale Operations Manager VIOM before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server...