cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-37130,https://securityvulnerability.io/vulnerability/CVE-2024-37130,Dell OpenManage Server Administrator Vulnerability: Local Privilege Escalation via XSL Hijacking,"A vulnerability exists in Dell OpenManage Server Administrator that allows a low-privileged local user to exploit XSL Hijacking to escalate their privileges. Successful exploitation can grant the attacker administrative rights, enabling them to gain full control of the machine. This could lead to widespread system compromise, highlighting the importance of applying necessary security updates and mitigating risks associated with this vulnerability.",Dell,Dell Openmanage Server Administrator,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-11T01:34:04.650Z,0
CVE-2023-43079,https://securityvulnerability.io/vulnerability/CVE-2023-43079,Improper Access Control in Dell OpenManage Server Administrator,"Dell OpenManage Server Administrator versions 11.0.0.0 and earlier are susceptible to an Improper Access Control vulnerability. This issue allows a local low-privileged attacker to exploit the system, potentially executing arbitrary code and achieving elevated privileges. Such exploitation could lead to a full compromise of the affected system, putting sensitive information and resources at risk.",Dell,Dell OpenManage Server Administrator,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-13T12:15:00.000Z,0
CVE-2022-34396,https://securityvulnerability.io/vulnerability/CVE-2022-34396,DLL Injection Vulnerability in Dell OpenManage Server Administrator,"The vulnerability in Dell OpenManage Server Administrator versions up to 10.3.0.0 allows local low-privileged authenticated attackers to perform DLL injection. This may enable the execution of arbitrary code with elevated privileges, potentially compromising the entire system. Users are advised to apply the necessary security updates to mitigate risks associated with this vulnerability.",Dell,Openmanage Server Administrator (omsa),7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-02-01T05:24:05.897Z,0
CVE-2019-3722,https://securityvulnerability.io/vulnerability/CVE-2019-3722,XML External Entity (XXE) Injection Vulnerability,Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially crafted document type definitions (DTDs) in an XML request.,Dell,Openmanage Server Administrator,7.5,HIGH,0.001990000018849969,false,,false,false,false,,,false,false,,2019-06-06T19:29:00.000Z,0
CVE-2019-3723,https://securityvulnerability.io/vulnerability/CVE-2019-3723,Web Parameter Tampering Vulnerability,"Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete the contents of any existing file, due to improper input parameter validation",Dell,Openmanage Server Administrator,9.1,CRITICAL,0.001990000018849969,false,,false,false,false,,,false,false,,2019-06-06T19:29:00.000Z,0
CVE-2016-4004,https://securityvulnerability.io/vulnerability/CVE-2016-4004,,Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file parameter to ViewFile.,Dell,Openmanage Server Administrator,4.9,MEDIUM,0.013679999858140945,false,,false,false,true,2022-11-30T22:34:58.000Z,true,false,false,,2016-04-12T17:00:00.000Z,0
CVE-2013-0740,https://securityvulnerability.io/vulnerability/CVE-2013-0740,,Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter to HelpViewer.,Dell,Openmanage Server Administrator,,,0.0024500000290572643,false,,false,false,false,,,false,false,,2014-04-10T19:00:00.000Z,0
CVE-2012-6272,https://securityvulnerability.io/vulnerability/CVE-2012-6272,,"Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic parameter to html/index_main.htm in (1) help/sm/en/Output/wwhelp/wwhimpl/js/, (2) help/sm/es/Output/wwhelp/wwhimpl/js/, (3) help/sm/ja/Output/wwhelp/wwhimpl/js/, (4) help/sm/de/Output/wwhelp/wwhimpl/js/, (5) help/sm/fr/Output/wwhelp/wwhimpl/js/, (6) help/sm/zh/Output/wwhelp/wwhimpl/js/, (7) help/hip/en/msgguide/wwhelp/wwhimpl/js/, or (8) help/hip/en/msgguide/wwhelp/wwhimpl/common/.",Dell,Openmanage Server Administrator,,,0.0015300000086426735,false,,false,false,false,,,false,false,,2013-01-25T12:00:00.000Z,0
CVE-2012-4955,https://securityvulnerability.io/vulnerability/CVE-2012-4955,,"Cross-site scripting (XSS) vulnerability in Dell OpenManage Server Administrator (OMSA) before 6.5.0.1, 7.0 before 7.0.0.1, and 7.1 before 7.1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",Dell,Openmanage Server Administrator,,,0.003909999970346689,false,,false,false,false,,,false,false,,2012-11-15T11:00:00.000Z,0