Filtered by vendor Dell Subscriptions
Total 1058 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-5388 1 Dell 2 Inspiron 15 7579, Inspiron 15 7579 Firmware 2024-11-21 6.9 Medium
Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an Improper SMM communication buffer verification vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2020-5387 1 Dell 2 Xps 13 9370, Xps 13 9370 Firmware 2024-11-21 2.3 Low
Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability. A local attacker with physical access could exploit this vulnerability to prevent the system from booting until the exploited boot device is removed.
CVE-2020-5386 1 Dell 1 Emc Elastic Cloud Storage 2024-11-21 7.5 High
Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability. A remote unauthenticated attacker can access the list of DT (Directory Table) objects of all internally running services and gain knowledge of sensitive data of the system.
CVE-2020-5385 1 Dell 2 Encryption, Endpoint Security Suite Enterprise 2024-11-21 6.7 Medium
Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.
CVE-2020-5383 1 Dell 2 Emc Isilon, Emc Powerscale Onefs 2024-11-21 5.3 Medium
Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise component. A remote unauthenticated malicious attacker may potentially exploit this vulnerability to cause a process restart.
CVE-2020-5379 1 Dell 2 Inspiron 7352, Inspiron 7352 Bios 2024-11-21 6.8 Medium
Dell Inspiron 7352 BIOS versions prior to A12 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).
CVE-2020-5378 1 Dell 2 G7 17 7790, G7 17 7790 Bios 2024-11-21 6.8 Medium
Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).
CVE-2020-5377 1 Dell 1 Emc Openmanage Server Administrator 2024-11-21 9.1 Critical
Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station.
CVE-2020-5376 1 Dell 2 Inspiron 7347, Inspiron 7347 Bios 2024-11-21 6.8 Medium
Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).
CVE-2020-5374 1 Dell 2 Emc Omimssc For Sccm, Emc Omimssc For Scvmm 2024-11-21 8.8 High
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability. A remote unauthenticated attacker may exploit this vulnerability to gain access to the appliance data for remotely managed devices.
CVE-2020-5373 1 Dell 2 Emc Omimssc For Sccm, Emc Omimssc For Scvmm 2024-11-21 6.5 Medium
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to retrieve the system inventory data of the managed device.
CVE-2020-5372 1 Dell 10 Emc Powerstore 1000, Emc Powerstore 1000 Firmware, Emc Powerstore 3000 and 7 more 2024-11-21 8.6 High
Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerability that exposes test interface ports to external network. A remote unauthenticated attacker could potentially cause Denial of Service via test interface ports which are not used during run time environment.
CVE-2020-5371 1 Dell 2 Emc Isilon Onefs, Emc Powerscale Onefs 2024-11-21 8 High
Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale version 9.0.0 contain a file permissions vulnerability. An attacker, with network or local file access, could take advantage of insufficiently applied file permissions or gain unauthorized access to files.
CVE-2020-5370 1 Dell 1 Emc Openmanage Enterprise 2024-11-21 7.9 High
Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to overwrite arbitrary files via directory traversal sequences using a crafted tar file to inject malicious RPMs which may cause a denial of service or perform unauthorized actions.
CVE-2020-5369 1 Dell 2 Emc Isilon Onefs, Emc Powerscale Onefs 2024-11-21 8.8 High
Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files.
CVE-2020-5368 1 Dell 4 Vxrail D560, Vxrail D560 Firmware, Vxrail D560f and 1 more 2024-11-21 9.8 Critical
Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploit this vulnerability to obtain sensitive information in an encrypted form.
CVE-2020-5367 1 Dell 3 Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance, Powermax Os 2024-11-21 7.4 High
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim's data in transit.
CVE-2020-5366 1 Dell 2 Idrac9, Idrac9 Firmware 2024-11-21 7.1 High
Dell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal Vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability by manipulating input parameters to gain unauthorized read access to the arbitrary files.
CVE-2020-5365 1 Dell 1 Emc Isilon Onefs 2024-11-21 5.3 Medium
Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account is used for diagnostics and other support functions. Although the default password is different for every cluster, it is predictable.
CVE-2020-5364 1 Dell 1 Emc Isilon Onefs 2024-11-21 5.3 Medium
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability. The SNMPv2 services is enabled, by default, with a pre-configured community string. This community string allows read-only access to many aspects of the Isilon cluster, some of which are considered sensitive and can foster additional access.