Dell

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-21530 1Dell 1Openmanage Enterprise Modular Nov 21, 2024 Apr 30, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from t...Show more Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.Show less
CVE-2021-21507 1Dell 11R1 2210 Firmware R1 2401 FirmwareX1008 Firmware+8 more Nov 21, 2024 Apr 30, 2021 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated att...Show more Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account.Show less
CVE-2021-21537 1Dell 1Hybrid Client Nov 21, 2024 Apr 30, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to view and exfiltrate sensitive information on the system.
CVE-2021-21536 1Dell 1Hybrid Client Nov 21, 2024 Apr 30, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to register the client to a server in order to view sensiti...Show more Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to register the client to a server in order to view sensitive information.Show less
CVE-2021-21535 1Dell 1Hybrid Client Nov 21, 2024 Apr 30, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the s...Show more Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the system.Show less
CVE-2021-21534 1Dell 1Hybrid Client Nov 21, 2024 Apr 30, 2021 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain access to sensitive information via the local API.
CVE-2021-21526 1Dell 1Powerscale Onefs Feb 20, 2026 Apr 20, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root.
CVE-2020-26197 1Dell 1Emc Powerscale Onefs Nov 21, 2024 Apr 20, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect...Show more Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication provider.Show less
CVE-2021-21545 1Dell 1Peripheral Manager Nov 21, 2024 Apr 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the syste...Show more Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user.Show less
CVE-2021-21524 1Dell 2Storage Monitoring And Reporting Storage Resource Manager Nov 21, 2024 Apr 12, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted Deserialization Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to arbit...Show more Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted Deserialization Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to arbitrary privileged code execution on the vulnerable application. The severity is Critical as this may lead to system compromise by unauthenticated attackers.Show less
CVE-2021-21533 1Dell 1Wyse Management Suite Nov 21, 2024 Apr 2, 2021 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally...Show more Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job detailsShow less
CVE-2021-21532 1Dell 1Wyse Thinos Nov 21, 2024 Apr 2, 2021 N/A· v4 6.3 MEDIUM· v3 5.8 MEDIUM· v2 Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing...Show more Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.Show less
CVE-2021-21529 1Dell 1System Update Nov 21, 2024 Apr 2, 2021 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to cause the system to run...Show more Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to cause the system to run out of memory by running multiple instances of the vulnerable application.Show less
CVE-2021-21518 1Dell 3Supportassist Client Promanage Supportassist For Business PcsSupportassist For Home Pcs Nov 21, 2024 Mar 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection...Show more Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. A local user with low privileges could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with SYSTEM privileges.Show less
CVE-2021-21510 1Dell 1Idrac8 Firmware Nov 21, 2024 Mar 8, 2021 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison...Show more Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections.Show less
CVE-2021-21506 1Dell 1Emc Powerscale Onefs Nov 21, 2024 Mar 8, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vu...Show more PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vulnerability, leading to potential privileges escalation.Show less
CVE-2021-21503 1Dell 1Emc Powerscale Onefs Nov 21, 2024 Mar 8, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation.
CVE-2021-21514 1Dell 1Openmanage Server Administrator Nov 21, 2024 Mar 2, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on t...Show more Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request.Show less
CVE-2021-21513 1Dell 1Openmanage Server Administrator Nov 21, 2024 Mar 2, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticate...Show more Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system.Show less
CVE-2021-21517 1Dell 1Emc Srs Policy Manager Nov 21, 2024 Mar 1, 2021 N/A· v4 7.2 HIGH· v3 6.4 MEDIUM· v2 SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated...Show more SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated attacker can potentially exploit this vulnerability to read system files as a non-root user and may be able to temporarily disrupt the ESRS service.Show less

Previous 1...596061...76 Next