EUVD-2022-29895

Malicious code in bioql PyPI...

CVE-2024-37140

Dell PowerProtect DD is affected: OS command injection in an admin operation present in versions prior to 8.0 and in LTS 7.13.1.0, 7.10.1.30, and 7.7.5.40. The underlying issue enables a remote low-privilege attacker to run arbitrary OS commands with the vulnerable application’s privileges, poten...

PT-2024-27330 · Dell · Dell Powerprotect Dd

Name of the Vulnerable Software and Affected Versions: Dell PowerProtect DD versions prior to 8.0 Dell PowerProtect DD LTS 7.13.1.0 Dell PowerProtect DD LTS 7.10.1.30 Dell PowerProtect DD LTS 7.7.5.40 Description: The issue is an OS command injection vulnerability in an admin operation. A remote...

CVE-2024-22445

Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privilege...

CVE-2024-22445

Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privilege...

Command injection

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the...

CVE-2023-44279

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a...

CVE-2023-44277

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in the CLI. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's...

Command injection

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in the CLI. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's...

CVE-2023-44277

Dell PowerProtect DD contains an OS command injection vulnerability in the CLI. A local, low-privileged attacker could execute arbitrary OS commands on the underlying OS with the vulnerable service’s privileges, potentially leading to a full system takeover. Affected versions include prior to 7.1...

CVE-2023-44291

Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the underlying OS, with the privileges of the vulnerable application...

Command injection

Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the...

CVE-2023-23694

Dell VxRail versions earlier than 7.0.450, contains an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of th...

CVE-2022-25152

The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...

Command injection

Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...

CVE-2020-29499

Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiti...

CVE-2020-29499

Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiti...

PerfexCRM 1.9.7 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: PerfexCRM 1.9.7 – Unrestricted php5 File upload Exploit Author: Ahmad Mahfouz Description: PerfexCRM 1.9.7 prone to unrestricted file upload that lead to system take over by misconfigured elfinder plugin Contact:...