Filtered by vendor Dell
Subscribe
Total
1046 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21569 | 1 Dell | 1 Emc Networker | 2024-11-21 | 4.0 MEDIUM | 6.8 MEDIUM |
| Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information. | |||||
| CVE-2021-21568 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISI_PRIV_LOGIN_PAPI could make un-audited and un-trackable configuration changes to settings that their roles have privileges to change. | |||||
| CVE-2021-21567 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege. | |||||
| CVE-2021-21565 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses. | |||||
| CVE-2021-21564 | 1 Dell | 1 Openmanage Enterprise | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to hijack an elevated session or perform unauthorized actions by sending malformed data. | |||||
| CVE-2021-21563 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event. | |||||
| CVE-2021-21562 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path which can lead to run resources that are not under the application’s direct control. | |||||
| CVE-2021-21561 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files. | |||||
| CVE-2021-21559 | 1 Dell | 1 Emc Networker | 2024-11-21 | 2.9 LOW | 7.1 HIGH |
| Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper Certificate Validation vulnerability in the client (NetWorker Management Console) components which uses SSL encrypted connection in order to communicate with the application server. An unauthenticated attacker in the same network collision domain as the NetWorker Management Console client could potentially exploit this vulnerability to perform man-in-the-middle attacks to intercept and tamper the traffic between the client and the application server. | |||||
| CVE-2021-21558 | 1 Dell | 1 Emc Networker | 2024-11-21 | 2.1 LOW | 8.2 HIGH |
| Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain. | |||||
| CVE-2021-21557 | 1 Dell | 62 Poweredge C4140, Poweredge C4140 Firmware, Poweredge C6420 and 59 more | 2024-11-21 | 7.2 HIGH | 8.1 HIGH |
| Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode. | |||||
| CVE-2021-21556 | 1 Dell | 18 Poweredge Mx740c, Poweredge Mx740c Firmware, Poweredge Mx840c and 15 more | 2024-11-21 | 7.2 HIGH | 6.1 MEDIUM |
| Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment. | |||||
| CVE-2021-21555 | 1 Dell | 18 Poweredge Mx740c, Poweredge Mx740c Firmware, Poweredge Mx840c and 15 more | 2024-11-21 | 7.2 HIGH | 6.1 MEDIUM |
| Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment. | |||||
| CVE-2021-21554 | 1 Dell | 18 Poweredge Mx740c, Poweredge Mx740c Firmware, Poweredge Mx840c and 15 more | 2024-11-21 | 7.2 HIGH | 6.1 MEDIUM |
| Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment. | |||||
| CVE-2021-21553 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 7.2 HIGH | 7.3 HIGH |
| Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest. | |||||
| CVE-2021-21552 | 2 Dell, Microsoft | 4 Wyse 5070 Thin Client, Wyse 5470 All-in-one Thin Client, Wyse 5470 Thin Client and 1 more | 2024-11-21 | 7.2 HIGH | 5.2 MEDIUM |
| Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system. | |||||
| CVE-2021-21551 | 1 Dell | 1 Dbutil 2 3.sys | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. | |||||
| CVE-2021-21550 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 7.2 HIGH | 6.0 MEDIUM |
| Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability can allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
| CVE-2021-21549 | 1 Dell | 3 Xtremio Management Server, Xtremio X1, Xtremio X2 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Dell EMC XtremIO Versions prior to 6.3.3-8, contain a Cross-Site Request Forgery Vulnerability in XMS. A non-privileged attacker could potentially exploit this vulnerability, leading to a privileged victim application user being tricked into sending state-changing requests to the vulnerable application, causing unintended server operations. | |||||
| CVE-2021-21548 | 1 Dell | 3 Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance, Powermax Os | 2024-11-21 | N/A | 7.4 HIGH |
| Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit. | |||||