30 matches found
EUVD-2024-28103
/cgi-bin/time.cgi in Atlona AT-OME-MS42 Matrix Switcher 1.1.2 allow remote authenticated users to execute arbitrary commands as root via a POST request that carries a serverName parameter...
CVE-2024-30167
/cgi-bin/time.cgi in Atlona AT-OME-MS42 Matrix Switcher 1.1.2 allow remote authenticated users to execute arbitrary commands as root via a POST request that carries a serverName parameter...
CVE-2024-30167
/cgi-bin/time.cgi in Atlona AT-OME-MS42 Matrix Switcher 1.1.2 allow remote authenticated users to execute arbitrary commands as root via a POST request that carries a serverName parameter...
CVE-2024-30167
CVE-2024-30167 affects Atlona AT-OME-MS42 Matrix Switcher (version 1.1.2). The vulnerability arises in /cgi-bin/time.cgi where a POST containing a serverName parameter allows remote authenticated users to execute arbitrary commands as root. Documented impact: arbitrary code execution with root pr...
📄 Atlona AT-OME-RX21 Authenticated Command Injection
Atlona AT-OME-RX21 suffers from an authenticated command injection vulnerability. // Exploit Title: Atlona AT-OME-RX21 Authenticated Command Injection // Google Dork: N/A // Date: 2025-12-28 // Exploit Author: RIZZZIOM // Vendor Homepage: https://atlona.com // Software Link:...
Malicious Package
Overview ome-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
MAL-2025-47125 Malicious code in ome-api (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 813109d74c2326a2f6ec2d8189b807fcde2654e778172aef8555defeb27fc4a8 Any computer that has this package installed or running should be considered...
Malicious code in ome-api (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 813109d74c2326a2f6ec2d8189b807fcde2654e778172aef8555defeb27fc4a8 Any computer that has this package installed or running should be considered...
Malicious code in @zalastax/nolb-ome (npm)
The package @zalastax/nolb-ome was found to contain malicious code...
MAL-2025-12808 Malicious code in @zalastax/nolb-ome (npm)
The package @zalastax/nolb-ome was found to contain malicious code...
CVE-2024-45766
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...
CVE-2024-45766
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...
Researchers: Office 365 Encryption Flaw Compromise Message Confidentiality
By Deeba Ahmed According to researchers, the security flaw can be exploited for inferring message contents due to the flawed Office 365 Message Encryption OME security method. This is a post from HackRead.com Read the original post: Researchers: Office 365 Encryption Flaw Compromise Message...
Directory traversal
Dell EMC OpenManage Enterprise OME versions prior to 3.4 contain an arbitrary file overwrite vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to overwrite arbitrary files via directory traversal sequences using a crafted tar fi...
CVE-2020-5370
Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 are affected by an arbitrary file overwrite vulnerability. The issue arises from a directory traversal during tar extraction, allowing a remote authenticated attacker with high privileges to overwrite arbitrary files by injecting maliciou...
CVE-2020-5320
Dell EMC OpenManage Enterprise OME versions prior to 3.2 and OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain a SQL injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to execute SQL commands to...
CVE-2020-5322
Dell EMC OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability to execute arbitrary shell commands on the affected system...
CVE-2020-5323
Dell EMC OpenManage Enterprise OME versions prior to 3.2 and OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain an injection vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to gain access to sensitive...
Command injection
Dell EMC OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability to execute arbitrary shell commands on the affected system...
Input validation
Dell EMC OpenManage Enterprise OME versions prior to 3.2 and OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain an improper input validation vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to spawn tasks wit...