Filtered by vendor Dell
Subscribe
Total
956 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-36316 | 1 Dell | 1 Emc Avamar Server | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation on the AUI. | |||||
CVE-2021-36314 | 1 Dell | 1 Emc Cloud Link | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary File Creation Vulnerability. A remote unauthenticated attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary files on the end user system. | |||||
CVE-2021-36289 | 1 Dell | 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it. | |||||
CVE-2021-36349 | 1 Dell | 1 Emc Data Protection Central | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this vulnerability, allowing port scanning of external hosts. | |||||
CVE-2021-36328 | 1 Dell | 1 Emc Streaming Data Platform | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the database. | |||||
CVE-2021-21528 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions. | |||||
CVE-2021-21569 | 1 Dell | 1 Emc Networker | 2023-12-10 | 4.0 MEDIUM | 4.9 MEDIUM |
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information. | |||||
CVE-2021-21570 | 1 Dell | 1 Emc Networker | 2023-12-10 | 4.0 MEDIUM | 4.9 MEDIUM |
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information. | |||||
CVE-2021-36335 | 1 Dell | 1 Emc Cloud Link | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, leading to execution of arbitrary files on the server | |||||
CVE-2021-36350 | 1 Dell | 1 Powerscale Onefs | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication. | |||||
CVE-2021-43587 | 1 Dell | 1 Powerpath Management Appliance | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges. | |||||
CVE-2021-36322 | 1 Dell | 18 X1008, X1008 Firmware, X1008p and 15 more | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the web-cache or trigger redirections. | |||||
CVE-2021-36340 | 1 Dell | 1 Emc Secure Connect Gateway | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it. | |||||
CVE-2021-36343 | 1 Dell | 668 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 665 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
CVE-2021-36300 | 1 Dell | 1 Emc Idrac9 Firmware | 2023-12-10 | 6.4 MEDIUM | 8.2 HIGH |
iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability by sending a specially crafted malicious request to crash the webserver or cause information disclosure. | |||||
CVE-2021-36336 | 1 Dell | 1 Wyse Management Suite | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could allow an unauthenticated attacker to execute code on the affected system. | |||||
CVE-2021-36294 | 1 Dell | 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as any user. | |||||
CVE-2021-36310 | 1 Dell | 1 Networking Os10 | 2023-12-10 | 6.8 MEDIUM | 4.9 MEDIUM |
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading to a denial of service. | |||||
CVE-2021-36347 | 1 Dell | 4 Integrated Dell Remote Access Controller 8, Integrated Dell Remote Access Controller 8 Firmware, Integrated Dell Remote Access Controller 9 and 1 more | 2023-12-10 | 9.0 HIGH | 7.2 HIGH |
iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system. | |||||
CVE-2021-36308 | 1 Dell | 1 Networking Os10 | 2023-12-10 | 9.3 HIGH | 9.8 CRITICAL |
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system. |