Skip to main content

Dell

1272 CVEs vendor

Monthly

CVE-2022-26857 HIGH This Week

Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Openmanage Enterprise
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-24422 CRITICAL PATCH Act Now

Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Dell Idrac9
NVD
CVSS 3.1
9.8
EPSS
53.8%
CVE-2022-24418 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Dell G5 5505 Firmware Inspiron 22 3275 Firmware Inspiron 24 3475 Firmware +25
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-24417 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Dell G5 5505 Firmware Inspiron 22 3275 Firmware Inspiron 24 3475 Firmware +25
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-24414 MEDIUM PATCH This Month

Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Cloudlink
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-26856 HIGH This Week

Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Repository Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-24424 HIGH This Week

Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Path Traversal Emc Appsync
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-24423 HIGH PATCH This Week

Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dell Integrated Dell Remote Access Controller 8 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-22558 MEDIUM This Month

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Dell Buffer Overflow R6415 Firmware R7415 Firmware +18
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2022-24413 LOW Monitor

Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. Rated low severity (CVSS 3.6). No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
3.6
EPSS
0.1%
CVE-2022-24412 HIGH This Week

Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-24411 HIGH This Week

Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-23163 MEDIUM PATCH This Month

Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Dell Emc Powerscale Onefs
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-23161 HIGH PATCH This Week

Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-23160 MEDIUM PATCH This Month

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-23159 MEDIUM PATCH This Month

Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-22565 LOW PATCH Monitor

Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
3.8
EPSS
0.5%
CVE-2022-22562 HIGH PATCH This Week

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-22561 CRITICAL PATCH Act Now

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-22560 MEDIUM PATCH This Month

Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Dell Emc Powerscale Onefs
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-22559 HIGH PATCH This Week

Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-22550 MEDIUM PATCH This Month

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-22549 HIGH This Week

Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2022-26855 MEDIUM This Month

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Dell Emc Powerscale Onefs
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-26854 CRITICAL Act Now

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-26852 CRITICAL Act Now

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-26851 CRITICAL Act Now

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2022-24428 HIGH This Week

Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-22563 MEDIUM This Month

Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-24426 HIGH PATCH This Week

Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Dell Alienware Update Command Update Update
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-23155 HIGH PATCH This Week

Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Dell File Upload Wyse Management Suite
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-24421 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24420 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24419 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24416 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24415 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow Alienware 13 R3 Firmware Alienware 15 R3 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-24409 HIGH This Week

Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell Information Disclosure Bsafe Ssl J
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-43587 MEDIUM PATCH This Month

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Powerpath Management Appliance
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36350 HIGH PATCH This Week

Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Dell Authentication Bypass Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-36341 MEDIUM PATCH This Month

Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Dell Information Disclosure Wyse Device Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-36337 HIGH PATCH This Week

Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Dell Information Disclosure Wyse Management Suite
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2021-36318 MEDIUM PATCH This Month

Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Avamar Server
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36317 MEDIUM PATCH This Month

Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Avamar Server Emc Powerprotect Data Protection Appliance
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36316 HIGH PATCH This Week

Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Dell Privilege Escalation Emc Avamar Server
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2021-36330 CRITICAL Act Now

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Streaming Data Platform
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-36329 MEDIUM This Month

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Authentication Bypass Emc Streaming Data Platform
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-36328 HIGH This Week

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell SQLi Emc Streaming Data Platform
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-36327 MEDIUM This Month

Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell SSRF Emc Streaming Data Platform
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2021-36326 MEDIUM This Month

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Streaming Data Platform
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-34424 HIGH This Week

A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google HP Apple Microsoft +30
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-34423 CRITICAL Act Now

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google RCE HP Apple +31
NVD
CVSS 3.1
9.8
EPSS
3.2%
CVE-2021-36335 HIGH PATCH This Week

Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Emc Cloud Link
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-36334 MEDIUM PATCH This Month

Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Dell RCE Emc Cloud Link
NVD
CVSS 3.1
6.8
EPSS
0.7%
CVE-2021-36333 MEDIUM PATCH This Month

Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Dell Emc Cloud Link
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-36332 MEDIUM PATCH This Month

Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Dell Open Redirect Emc Cloud Link
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-36314 CRITICAL PATCH Act Now

Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary File Creation Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Cloud Link
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-36313 HIGH This Week

Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Cloudlink
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2021-36312 CRITICAL Act Now

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Authentication Bypass Cloudlink
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2021-36311 HIGH PATCH This Week

Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Authentication Bypass Emc Networker
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-36301 HIGH PATCH This Week

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Dell Stack Overflow Emc Idrac8 Firmware Emc Idrac9 Firmware
NVD
CVSS 3.1
7.2
EPSS
27.7%
CVE-2021-36299 HIGH PATCH This Week

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Dell SQLi Denial Of Service Information Disclosure Emc Idrac9 Firmware
NVD
CVSS 3.1
8.1
EPSS
29.6%
CVE-2021-21561 MEDIUM PATCH This Month

Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-36340 MEDIUM This Month

Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Secure Connect Gateway
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-36322 MEDIUM PATCH This Month

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Code Injection X1008P Firmware X1018P Firmware X1026P Firmware +6
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-36321 HIGH PATCH This Week

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Denial Of Service X1008P Firmware X1018P Firmware X1026P Firmware +6
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-36320 CRITICAL PATCH Act Now

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Authentication Bypass X1008P Firmware X1018P Firmware X1026P Firmware +6
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-36319 LOW PATCH Monitor

Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Dell Information Disclosure Networking Os10
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-36310 MEDIUM PATCH This Month

Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Dell Denial Of Service Networking Os10
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2021-36325 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell RCE Alienware 13 R3 Firmware Alienware 15 R3 Firmware Alienware 15 R4 Firmware +280
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36324 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Latitude 5500 Firmware Precision 7750 Firmware Latitude 5401 Firmware Precision 3541 Firmware Chengming 3991 Firmware +280
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36323 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell RCE Alienware 13 R3 Firmware Alienware 15 R3 Firmware Alienware 15 R4 Firmware +280
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36315 MEDIUM This Month

Dell EMC PowerScale Nodes contain a hardware design flaw. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Dell Privilege Escalation Emc Powerscale Nodes A100 Firmware Emc Powerscale Nodes S210 Firmware Emc Powerscale Nodes X410 Firmware +16
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2021-36305 MEDIUM This Month

Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Denial Of Service Emc Powerscale Onefs
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-21528 HIGH This Week

Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-36309 MEDIUM PATCH This Month

Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Enterprise Sonic Os
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2021-36298 CRITICAL PATCH Act Now

Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Authentication Bypass Isilon Insightiq Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-36286 HIGH PATCH This Week

Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Microsoft Path Traversal Supportassist Client Consumer
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2021-36285 MEDIUM This Month

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Latitude 5310 2 In 1 Firmware Latitude 5320 Firmware Latitude 5400 Firmware +18
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-36284 MEDIUM This Month

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Latitude 5310 2 In 1 Firmware Latitude 5320 Firmware Latitude 5400 Firmware +18
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-36283 MEDIUM PATCH This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell RCE Chengming 3990 Firmware Chengming 3991 Firmware G3 15 3500 Firmware +82
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-21570 MEDIUM PATCH This Month

Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Dell Command Injection Information Disclosure Emc Networker
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2021-21569 MEDIUM PATCH This Month

Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Dell Path Traversal Command Injection Emc Networker
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2021-21522 MEDIUM This Month

Dell BIOS contains a Credentials Management issue. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Latitude 5285 2 In 1 Firmware Latitude 5289 2 In 1 Firmware Latitude 5310 2 In 1 Firmware +25
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-36282 LOW PATCH Monitor

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-36281 HIGH PATCH This Week

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Privilege Escalation Emc Powerscale Onefs
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-36280 MEDIUM PATCH This Month

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-36279 HIGH PATCH This Week

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-36278 MEDIUM PATCH This Month

Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2021-21599 MEDIUM PATCH This Month

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Command Injection Emc Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2021-21595 MEDIUM PATCH This Month

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Dell Command Injection Emc Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.2%
EPSS 1% CVSS 8.8
HIGH This Week

Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Openmanage Enterprise
NVD
EPSS 54% CVSS 9.8
CRITICAL PATCH Act Now

Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Dell Idrac9
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Dell G5 5505 Firmware +27
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Dell G5 5505 Firmware +27
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Cloudlink
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Repository Manager
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Path Traversal Emc Appsync
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dell Integrated Dell Remote Access Controller 8 Firmware
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Dell Buffer Overflow +20
NVD
EPSS 0% CVSS 3.6
LOW Monitor

Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. Rated low severity (CVSS 3.6). No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Dell Emc Powerscale Onefs
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Dell Emc Powerscale Onefs
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Dell +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Dell Alienware Update +2
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Dell File Upload +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow +46
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow +46
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow +46
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow +46
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Buffer Overflow +46
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell Information Disclosure Bsafe Ssl J
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Powerpath Management Appliance
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Dell Authentication Bypass Powerscale Onefs
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Dell Information Disclosure Wyse Device Agent
NVD
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Dell Information Disclosure Wyse Management Suite
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Avamar Server
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Avamar Server +1
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Dell Privilege Escalation Emc Avamar Server
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Streaming Data Platform
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Authentication Bypass Emc Streaming Data Platform
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell SQLi Emc Streaming Data Platform
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell SSRF Emc Streaming Data Platform
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Streaming Data Platform
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google HP +32
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google RCE +33
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Emc Cloud Link
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Dell RCE Emc Cloud Link
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Dell Emc Cloud Link
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Dell Open Redirect Emc Cloud Link
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary File Creation Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Emc Cloud Link
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Cloudlink
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Authentication Bypass Cloudlink
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Authentication Bypass Emc Networker
NVD
EPSS 28% CVSS 7.2
HIGH PATCH This Week

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Dell Stack Overflow +2
NVD
EPSS 30% CVSS 8.1
HIGH PATCH This Week

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Dell SQLi Denial Of Service +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Secure Connect Gateway
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Code Injection X1008P Firmware +8
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Denial Of Service X1008P Firmware +8
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Authentication Bypass X1008P Firmware +8
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Dell Information Disclosure Networking Os10
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Dell Denial Of Service Networking Os10
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell RCE Alienware 13 R3 Firmware +282
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Latitude 5500 Firmware Precision 7750 Firmware Latitude 5401 Firmware +282
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell RCE Alienware 13 R3 Firmware +282
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell EMC PowerScale Nodes contain a hardware design flaw. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Dell Privilege Escalation Emc Powerscale Nodes A100 Firmware +18
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Denial Of Service Emc Powerscale Onefs
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Enterprise Sonic Os
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Authentication Bypass Isilon Insightiq Firmware
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Microsoft Path Traversal +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Latitude 5310 2 In 1 Firmware +20
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Latitude 5310 2 In 1 Firmware +20
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell RCE Chengming 3990 Firmware +84
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Dell Command Injection Information Disclosure +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Dell Path Traversal Command Injection +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Dell BIOS contains a Credentials Management issue. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Latitude 5285 2 In 1 Firmware +27
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Privilege Escalation Emc Powerscale Onefs
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Powerscale Onefs
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Command Injection Emc Powerscale Onefs
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Dell Command Injection Emc Powerscale Onefs
NVD
Prev Page 11 of 15 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy