Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
omni vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-33188
Omni-notes is an open source note-taking application for Android. The Omni-notes Android app had an insufficient path validation vulnerability when displaying the details of a note received through an externally-provided intent. The paths of the note's attachments were not p...
Omninotes Omni Notes
9.8
CVSSv3
CVE-2022-40766
Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring.
Moderncampus Omni Cms 10.2.4
NA
CVE-2006-5780
Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 allows remote malicious users to execute arbitrary code via a crafted TCP packet to port 2049 (nfsd), as demonstrated by vd_xlink.pm.
Xlink Technology Omni-nfs Server 5.2
2 EDB exploits
NA
CVE-2006-5792
Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote malicious users to execute arbitrary code via unspecified vectors, as demonstrated by vd_xlink2.pm, an "Omni-NFS Enterprise remote exploit." NOTE: this is probably a different vulnerability than CVE-20...
Xlink Technology Omni-nfs X Enterprise
2 EDB exploits
7.8
CVSSv3
CVE-2019-11117
Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.
Intel Omni-path Fabric Manager Gui
NA
CVE-1999-1349
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote malicious users to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.
Xlink Technology Omni-nfs X Enterprise 6.1
6.5
CVSSv3
CVE-2021-30173
Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file.
8.6
CVSSv3
CVE-2018-2463
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.
Sap Hybris
NA
CVE-2007-2503
Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tcore] parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party ...
Php Turbulence Php Turbulence 0.0.1 Alpha
1 EDB exploit
NA
CVE-2007-1434
SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to (a) userdetail.php, id and (2) url parameter to (b) jump.php, and id variable to (c) detail.php.
Grayscale Grayscale Blog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »