Skip to main content

Dell

1272 CVEs vendor

Monthly

CVE-2013-0120 HIGH This Week

The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Denial Of Service Powerconnect 6248P
NVD
CVSS 2.0
7.8
EPSS
1.0%
CVE-2012-6272 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Dell XSS Openmanage Server Administrator
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
1.1%
CVE-2012-4955 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Dell OpenManage Server Administrator (OMSA) before 6.5.0.1, 7.0 before 7.0.0.1, and 7.1 before 7.1.0.1 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Dell XSS Openmanage Server Administrator
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-3951 HIGH POC THREAT Act Now

The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 79.5%.

Dell SQLi Sonicwall Scrutinizer
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
79.5%
Threat
5.4
CVE-2012-3848 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Dell Sonicwall XSS Scrutinizer
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
0.7%
CVE-2012-2627 CRITICAL POC Act Now

d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote attackers to create or overwrite arbitrary files in. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Dell Information Disclosure Sonicwall Scrutinizer
NVD Exploit-DB
CVSS 2.0
9.4
EPSS
8.5%
CVE-2012-2626 MEDIUM POC THREAT This Month

cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 76.0%.

Dell Sonicwall Authentication Bypass Scrutinizer
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
76.0%
Threat
4.8
CVE-2012-2962 MEDIUM POC THREAT This Month

SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 90.3%.

PHP Dell SQLi Sonicwall Scrutinizer
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
90.3%
Threat
5.5
CVE-2012-1844 HIGH This Week

The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Dell Authentication Bypass Scalar I500 Firmware Scalar I500 +7
NVD
CVSS 2.0
7.5
EPSS
2.3%
CVE-2012-1843 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Dell Scalar I500 Firmware Scalar I500 Powervault Ml6000 Firmware +4
NVD
CVSS 2.0
6.0
EPSS
0.2%
CVE-2012-1842 LOW Monitor

Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell XSS Scalar I500 Firmware Scalar I500 Powervault Ml6000 Firmware +4
NVD
CVSS 2.0
3.5
EPSS
1.8%
CVE-2012-1841 MEDIUM This Month

Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Path Traversal Scalar I500 Firmware Scalar I500 Powervault Ml6000 Firmware +4
NVD
CVSS 2.0
5.0
EPSS
0.6%
EPSS 1% CVSS 7.8
HIGH This Week

The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Denial Of Service Powerconnect 6248P
NVD
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Dell XSS Openmanage Server Administrator
NVD Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Dell OpenManage Server Administrator (OMSA) before 6.5.0.1, 7.0 before 7.0.0.1, and 7.1 before 7.1.0.1 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Dell XSS Openmanage Server Administrator
NVD
EPSS 80% 5.4 CVSS 7.5
HIGH POC THREAT Act Now

The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 79.5%.

Dell SQLi Sonicwall +1
NVD Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Dell Sonicwall +2
NVD Exploit-DB
EPSS 8% CVSS 9.4
CRITICAL POC Act Now

d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote attackers to create or overwrite arbitrary files in. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Dell Information Disclosure +2
NVD Exploit-DB
EPSS 76% 4.8 CVSS 5.0
MEDIUM POC THREAT This Month

cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 76.0%.

Dell Sonicwall Authentication Bypass +1
NVD Exploit-DB
EPSS 90% 5.5 CVSS 6.5
MEDIUM POC THREAT This Month

SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 90.3%.

PHP Dell SQLi +2
NVD Exploit-DB
EPSS 2% CVSS 7.5
HIGH This Week

The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Dell Authentication Bypass +9
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Dell Scalar I500 Firmware +6
NVD
EPSS 2% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell XSS Scalar I500 Firmware +6
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Path Traversal Scalar I500 Firmware +6
NVD
Prev Page 15 of 15

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy