Filtered by vendor Dell Subscriptions
Total 1056 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-5372 1 Dell 10 Emc Powerstore 1000, Emc Powerstore 1000 Firmware, Emc Powerstore 3000 and 7 more 2024-09-16 8.6 High
Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerability that exposes test interface ports to external network. A remote unauthenticated attacker could potentially cause Denial of Service via test interface ports which are not used during run time environment.
CVE-2018-1239 1 Dell 2 Emc Unity Operating Environment, Emc Unityvsa Operating Environment 2024-09-16 N/A
Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed.
CVE-2022-34367 1 Dell 1 Emc Data Protection Central 2024-09-16 5.4 Medium
Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A(n) remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations.
CVE-2020-35168 2 Dell, Oracle 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more 2024-09-16 4.7 Medium
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
CVE-2019-3720 1 Dell 1 Emc Openmanage Server Administrator 2024-09-16 4.9 Medium
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. A remote authenticated malicious user with admin privileges could potentially exploit this vulnerability to gain unauthorized access to the file system by exploiting insufficient sanitization of input parameters.
CVE-2021-21506 1 Dell 1 Emc Powerscale Onefs 2024-09-16 8.8 High
PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vulnerability, leading to potential privileges escalation.
CVE-2019-18573 1 Dell 1 Rsa Identity Governance And Lifecycle 2024-09-16 8.8 High
The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerability. An authenticated malicious local user could potentially exploit this vulnerability as the session token is exposed as part of the URL. A remote attacker can gain access to victim’s session and perform arbitrary actions with privileges of the user within the compromised session.
CVE-2022-31220 1 Dell 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more 2024-09-16 3 Low
Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.
CVE-2021-36330 1 Dell 1 Emc Streaming Data Platform 2024-09-16 8.1 High
Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user.
CVE-2022-34365 1 Dell 1 Wyse Management Suite 2024-09-16 6.5 Medium
WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
CVE-2022-34434 1 Dell 1 Cloud Mobility For Dell Emc Storage 2024-09-16 6.7 Medium
Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to the modification or deletion of tables that are required for many of the core functionalities of Cloud Mobility. Exploitation may lead to the compromise of integrity and availability of the normal functionality of the Cloud Mobility application.
CVE-2022-31234 1 Dell 10 Emc Powerstore 1200t, Emc Powerstore 1200t Firmware, Emc Powerstore 3200t and 7 more 2024-09-16 8.1 High
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is possible if weak passwords are used by users.
CVE-2021-36294 1 Dell 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more 2024-09-16 9.8 Critical
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as any user.
CVE-2022-34439 1 Dell 1 Emc Powerscale Onefs 2024-09-16 5.3 Medium
Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node.
CVE-2021-36341 1 Dell 1 Wyse Device Agent 2024-09-16 5.5 Medium
Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability. A local authenticated user with low privileges could potentially exploit this vulnerability in order to access sensitive information.
CVE-2022-29097 1 Dell 1 Wyse Management Suite 2024-09-16 4.9 Medium
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
CVE-2020-5315 1 Dell 1 Emc Repository Manager 2024-09-16 8.8 High
Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage vulnerability. Proxy server user password is stored in a plain text in a local database. A local authenticated malicious user with access to the local file system may use the exposed password to access the with privileges of the compromised user.
CVE-2022-32488 1 Dell 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more 2024-09-16 8.2 High
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2020-29508 2 Dell, Oracle 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more 2024-09-16 5.3 Medium
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability.
CVE-2021-36307 1 Dell 1 Networking Os10 2024-09-16 8.8 High
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.