Lucene search
K
OpenmicroscopyOmero

7 matches found

CVE
CVE
added 2018/08/20 7:0 p.m.57 views

CVE-2018-1000633

The vulnerability CVE-2018-1000633 affects Open Microscopy Environment OMERO.web prior to version 5.4.7. It exposes user passwords through log files created during login and password-change forms, enabling an attacker to read web server logs and potentially log in as the affected user. The issue ...

7.2CVSS7AI score0.01219EPSS
CVE
CVE
added 2018/01/02 11:0 p.m.51 views

CVE-2017-1000438

CVE-2017-1000438 concerns OMERO 5.3.3 and earlier, where a user could create an OriginalFile and adjust its path to point to another user’s file on the underlying filesystem, allowing manipulation of that user’s data. The root cause is improper handling of file paths for OriginalFile records, ena...

8.3CVSS8.1AI score0.00932EPSS
CVE
CVE
added 2018/08/20 7:0 p.m.47 views

CVE-2018-1000634

The vulnerability CVE-2018-1000634 affects Open Microscopy Environment OMERO.server versions 5.4.0–5.4.6. It is an Improper Access Control flaw in User management that can allow an administrative user with restricted privileges to log in as a more powerful administrator. The attack is described a...

7.2CVSS7.2AI score0.00969EPSS
CVE
CVE
added 2020/06/17 4:26 p.m.41 views

CVE-2020-6752

CVE-2020-6752 affects OMERO.server prior to 5.6.1. According to the connected CNVD entries, group owners can access members’ data in other groups, revealing an information-disclosure risk due to a pre-5.6.1 access-control issue. The vulnerability is described across sources as existing in OMERO.s...

5.5CVSS4.4AI score0.00554EPSS
CVE
CVE
added 2019/03/31 11:38 p.m.40 views

CVE-2014-7198

CVE-2014-7198 affects OMERO prior to 5.0.6, where the web interface framework lacks CSRF protection, enabling multiple CSRF vulnerabilities. The root cause is missing CSRF protection in the OMERO web UI, exposing actions initiated by forged requests to potentially impact confidentiality, integrit...

8.8CVSS8.8AI score0.0058EPSS
CVE
CVE
added 2018/08/20 7:0 p.m.40 views

CVE-2018-1000635

The Open Microscopy Environment OMERO.server (versions 5.4.0–5.4.6) contains an information exposure vulnerability in which data sent by the server can disclose sensitive information, enabling an attacker to gain full administrative access and potentially disable the server. The issue is stated t...

7.2CVSS6.5AI score0.00345EPSS
CVE
CVE
added 2020/06/17 4:18 p.m.39 views

CVE-2019-16245

The CVE affects OMERO server prior to version 5.6.1, where per-user details are inadvertently exposed to all users. The underlying issue is an information-disclosure flaw in OMERO.server (before 5.6.1). Exploitation would reveal user-specific details to unauthorized users. Remediation per public ...

5.3CVSS5.3AI score0.00862EPSS