Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
omni vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-33188
Omni-notes is an open source note-taking application for Android. The Omni-notes Android app had an insufficient path validation vulnerability when displaying the details of a note received through an externally-provided intent. The paths of the note's attachments were not p...
Omninotes Omni Notes
9.8
CVSSv3
CVE-2022-40766
Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring.
Moderncampus Omni Cms 10.2.4
NA
CVE-2006-5780
Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 allows remote malicious users to execute arbitrary code via a crafted TCP packet to port 2049 (nfsd), as demonstrated by vd_xlink.pm.
Xlink Technology Omni-nfs Server 5.2
2 EDB exploits
7.8
CVSSv3
CVE-2019-11117
Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.
Intel Omni-path Fabric Manager Gui
NA
CVE-2006-5792
Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote malicious users to execute arbitrary code via unspecified vectors, as demonstrated by vd_xlink2.pm, an "Omni-NFS Enterprise remote exploit." NOTE: this is probably a different vulnerability than CVE-20...
Xlink Technology Omni-nfs X Enterprise
2 EDB exploits
NA
CVE-1999-1349
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote malicious users to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.
Xlink Technology Omni-nfs X Enterprise 6.1
6.5
CVSSv3
CVE-2021-30173
Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file.
8.6
CVSSv3
CVE-2018-2463
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.
Sap Hybris
NA
CVE-2007-2305
Multiple SQL injection vulnerabilities in authenticate.php in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Qdblog Qdblog
1 EDB exploit
NA
CVE-2007-1432
Grayscale Blog 0.8.0, and possibly earlier versions, allows remote malicious users to gain privileges via direct requests with modified arguments in (1) the user_permissions parameter to add_users.php, and unspecified parameters to (2) addblog.php, (3) editblog.php, (4) editlinks...
Grayscale Grayscale Blog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »