Filtered by vendor Dell
Total: 1056 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-5370 | 1 Dell | 1 Emc Openmanage Enterprise | 2024-09-16 | 7.9 High |
Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to overwrite arbitrary files via directory traversal sequences using a crafted tar file to inject malicious RPMs which may cause a denial of service or perform unauthorized actions. | ||||
CVE-2019-18577 | 1 Dell | 1 Xtremio Management Server | 2024-09-16 | 6.7 Medium |
Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. A malicious local user with XtremIO xinstall privileges may exploit this vulnerability to gain root access. | ||||
CVE-2020-5374 | 1 Dell | 2 Emc Omimssc For Sccm, Emc Omimssc For Scvmm | 2024-09-16 | 8.8 High |
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability. A remote unauthenticated attacker may exploit this vulnerability to gain access to the appliance data for remotely managed devices. | ||||
CVE-2018-11078 | 1 Dell | 1 Emc Vplex Geosynchrony | 2024-09-16 | N/A |
Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions vulnerability. A remote authenticated malicious user could read from VPN configuration files on and potentially author a MITM attack on the VPN traffic. | ||||
CVE-2021-36313 | 1 Dell | 1 Cloudlink | 2024-09-16 | 9.1 Critical |
Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection vulnerability. A remote high privileged attacker may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system takeover by an attacker. This vulnerability is considered critical as it may be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity. | ||||
CVE-2019-3719 | 1 Dell | 1 Supportassist | 2024-09-16 | 8.0 High |
Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites. | ||||
CVE-2021-21547 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-09-16 | 6.4 Medium |
Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user. | ||||
CVE-2022-23156 | 1 Dell | 1 Wyse Device Agent | 2024-09-16 | 6 Medium |
Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server. | ||||
CVE-2021-36342 | 1 Dell | 668 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 665 more | 2024-09-16 | 7.5 High |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
CVE-2021-36305 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 6.5 Medium |
Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB. | ||||
CVE-2020-5328 | 1 Dell | 1 Emc Isilon Onefs | 2024-09-16 | 9.8 Critical |
Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur. | ||||
CVE-2020-5347 | 1 Dell | 1 Emc Isilon Onefs | 2024-09-16 | 5.3 Medium |
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses. | ||||
CVE-2020-26191 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 7.8 High |
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the PermissionRepair job to grant themselves the highest level of RBAC privileges thus being able to read arbitrary data, tamper with system software or deny service to users. | ||||
CVE-2021-21527 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 6 Medium |
Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | ||||
CVE-2022-34373 | 1 Dell | 1 Command \| Integration Suite For System Center | 2024-09-16 | 7.3 High |
Dell Command \| Integration Suite for System Center, versions prior to 6.2.0, contains an arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system. | ||||
CVE-2020-26196 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 5.5 Medium |
Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. A user with the BackupAdmin role may potentially exploit this vulnerability resulting in the ability to write data outside of the intended file system location. | ||||
CVE-2022-34427 | 1 Dell | 1 Container Storage Modules | 2024-09-16 | 8.8 High |
Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution. | ||||
CVE-2022-34437 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 6.7 Medium |
Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters. | ||||
CVE-2013-3589 | 1 Dell | 4 Idrac6 Firmware, Idrac6 Monolithic, Idrac7 and 1 more | 2024-09-16 | N/A |
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter. | ||||
CVE-2022-31230 | 1 Dell | 1 Powerscale Onefs | 2024-09-16 | 8.1 High |
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain a broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access. |