cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-45767,https://securityvulnerability.io/vulnerability/CVE-2024-45767,Dell OpenManage Enterprise SQL Injection Vulnerability Leads to Information Disclosure,"Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.",Dell,Dell Openmanage Enterprise,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-10-17T02:05:22.223Z,0
CVE-2024-45766,https://securityvulnerability.io/vulnerability/CVE-2024-45766,Code Injection Vulnerability Affects Dell OpenManage Enterprise,"Dell OpenManage Enterprise, specifically version OME 4.1 and earlier, exhibits a vulnerability that permits improper control over code generation, identifiable as a code injection flaw. This weakness could be exploited by low privileged remote attackers, enabling them to execute arbitrary code that may compromise system security. Addressing this vulnerability promptly is crucial for maintaining the integrity and security of the affected systems.",Dell,Dell Openmanage Enterprise,8.8,HIGH,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-10-17T01:59:55.255Z,0
CVE-2024-28979,https://securityvulnerability.io/vulnerability/CVE-2024-28979,Dell OpenManage Enterprise Vulnerability: XSS Injection Risk,"Dell OpenManage Enterprise, versions prior to 4.1.0, contains an XSS injection vulnerability in UI. A high privileged local attacker could potentially exploit this vulnerability, leading to JavaScript injection.",Dell,Dell Openmanage Enterprise,4.8,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-05-01T04:03:39.729Z,0
CVE-2024-28978,https://securityvulnerability.io/vulnerability/CVE-2024-28978,Unauthorized Access to Resources via Improper Access Control,"Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unauthorized access to resources.",Dell,Dell Openmanage Enterprise,6.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-05-01T03:51:56.705Z,0
CVE-2024-25944,https://securityvulnerability.io/vulnerability/CVE-2024-25944,Dell OpenManage Enterprise Vulnerability: Unauthorized Access to Server Files,"Dell OpenManage Enterprise versions 4.0 and earlier are susceptible to a path traversal vulnerability. This issue allows unauthenticated remote attackers to exploit the system and gain unauthorized access to sensitive files stored on the server's filesystem, leveraging the privileges of the web application's runtime environment. Proper patching and security measures are essential to mitigate this risk.",Dell,Dell Openmanage Enterprise,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-29T16:30:00.128Z,0
CVE-2021-21584,https://securityvulnerability.io/vulnerability/CVE-2021-21584,Information Disclosure in Dell OpenManage Enterprise by Dell,"Dell OpenManage Enterprise versions 3.5 and OpenManage Enterprise-Modular version 1.30.00 are susceptible to an information disclosure vulnerability. This issue could allow an authenticated attacker with low privileges to exploit the system, leading to the unauthorized disclosure of sensitive OIDC server credentials. As a result, an attacker could gain access to critical information that may compromise the integrity and security of the affected servers.",Dell,Dell Openmanage Enterprise,7.7,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2021-08-09T21:15:00.000Z,0
CVE-2021-21585,https://securityvulnerability.io/vulnerability/CVE-2021-21585,OS Command Injection Vulnerability in Dell OpenManage Enterprise,"Dell OpenManage Enterprise, specifically versions prior to 3.6.1, is susceptible to an OS command injection vulnerability found in the RACADM and IPMI tools. This flaw allows authenticated users with elevated privileges to execute arbitrary operating system commands remotely, potentially compromising the integrity and security of the system. Organizations utilizing affected versions should promptly apply security updates to mitigate the risks associated with this vulnerability.",Dell,Dell Openmanage Enterprise,9.1,CRITICAL,0.0016799999866634607,false,,false,false,false,,,false,false,,2021-08-09T21:15:00.000Z,0
CVE-2021-21564,https://securityvulnerability.io/vulnerability/CVE-2021-21564,Improper Authentication Vulnerability in Dell OpenManage Enterprise,"Dell OpenManage Enterprise versions prior to 3.6.1 are impacted by an improper authentication vulnerability that allows a remote unauthenticated attacker to potentially exploit the system. By sending crafted data, the attacker could hijack an elevated session or perform unauthorized actions, leading to a breach of security protocols and unauthorized access to sensitive information. It is essential for users to upgrade to the latest version to mitigate this risk.",Dell,Dell Openmanage Enterprise,9.8,CRITICAL,0.005419999826699495,false,,false,false,false,,,false,false,,2021-08-09T21:15:00.000Z,0
CVE-2021-21596,https://securityvulnerability.io/vulnerability/CVE-2021-21596,Remote Code Execution Vulnerability in Dell OpenManage Enterprise and Modular Products,"The vulnerability in Dell OpenManage Enterprise and Modular products allows unauthorized remote code execution. An attacker with access to the same local network can exploit this flaw, potentially leading to sensitive information disclosure and elevated privileges within the affected systems. Users are recommended to apply security patches provided by Dell to mitigate risks associated with this vulnerability.",Dell,Dell Openmanage Enterprise,9.6,CRITICAL,0.0036200000904500484,false,,false,false,false,,,false,false,,2021-08-09T21:15:00.000Z,0
CVE-2020-5321,https://securityvulnerability.io/vulnerability/CVE-2020-5321,,Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an improper input validation vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to spawn tasks with elevated privileges.,Dell,Dell Openmanage Enterprise,7.6,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2021-07-19T22:15:00.000Z,0
CVE-2020-5323,https://securityvulnerability.io/vulnerability/CVE-2020-5323,,Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an injection vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to gain access to sensitive information or cause denial-of-service.,Dell,Dell Openmanage Enterprise,5.4,MEDIUM,0.0013599999947473407,false,,false,false,false,,,false,false,,2021-07-19T22:15:00.000Z,0
CVE-2020-5322,https://securityvulnerability.io/vulnerability/CVE-2020-5322,,Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability to execute arbitrary shell commands on the affected system.,Dell,Dell Openmanage Enterprise Modular,9.1,CRITICAL,0.0013299999991431832,false,,false,false,false,,,false,false,,2021-07-19T22:15:00.000Z,0
CVE-2020-5320,https://securityvulnerability.io/vulnerability/CVE-2020-5320,,Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a SQL injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions.,Dell,Dell Openmanage Enterprise,9,CRITICAL,0.0010999999940395355,false,,false,false,false,,,false,false,,2021-07-19T22:15:00.000Z,0