Filtered by vendor Dell
Subscribe
Total
1209 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36307 | 1 Dell | 1 Networking Os10 | 2024-11-21 | 8.5 HIGH | 8.8 HIGH |
| Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system. | |||||
| CVE-2021-36306 | 1 Dell | 1 Networking Os10 | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system. | |||||
| CVE-2021-36305 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB. | |||||
| CVE-2021-36302 | 1 Dell | 2 Emc Integrated System For Microsoft Azure Stack Hub, Emc Integrated System For Microsoft Azure Stack Hub Firmware | 2024-11-21 | 9.0 HIGH | 9.9 CRITICAL |
| All Dell EMC Integrated System for Microsoft Azure Stack Hub versions contain a privilege escalation vulnerability. A remote malicious user with standard level JEA credentials may potentially exploit this vulnerability to elevate privileges and take over the system. | |||||
| CVE-2021-36301 | 1 Dell | 2 Emc Idrac8 Firmware, Emc Idrac9 Firmware | 2024-11-21 | 6.5 MEDIUM | 5.9 MEDIUM |
| Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system. | |||||
| CVE-2021-36300 | 1 Dell | 1 Emc Idrac9 Firmware | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability by sending a specially crafted malicious request to crash the webserver or cause information disclosure. | |||||
| CVE-2021-36299 | 1 Dell | 1 Emc Idrac9 Firmware | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
| Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to the affected application. | |||||
| CVE-2021-36298 | 1 Dell | 2 Isilon Insightiq, Isilon Insightiq Firmware | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; so Dell recommends customers to upgrade at the earliest opportunity. | |||||
| CVE-2021-36297 | 1 Dell | 1 Supportassist For Home Pcs | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll's, | |||||
| CVE-2021-36296 | 1 Dell | 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system. | |||||
| CVE-2021-36295 | 1 Dell | 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system. | |||||
| CVE-2021-36294 | 1 Dell | 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as any user. | |||||
| CVE-2021-36293 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2024-11-21 | 4.6 MEDIUM | 6.4 MEDIUM |
| Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges. | |||||
| CVE-2021-36290 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2024-11-21 | 4.6 MEDIUM | 6.4 MEDIUM |
| Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges. | |||||
| CVE-2021-36289 | 1 Dell | 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it. | |||||
| CVE-2021-36288 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2024-11-21 | 6.4 MEDIUM | 8.6 HIGH |
| Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files | |||||
| CVE-2021-36287 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2024-11-21 | 10.0 HIGH | 7.3 HIGH |
| Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system. | |||||
| CVE-2021-36286 | 1 Dell | 1 Supportassist Client Consumer | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin. | |||||
| CVE-2021-36285 | 1 Dell | 42 Latitude 5310 2-in-1, Latitude 5310 2-in-1 Firmware, Latitude 5320 and 39 more | 2024-11-21 | 2.1 LOW | 5.7 MEDIUM |
| Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack. | |||||
| CVE-2021-36284 | 1 Dell | 42 Latitude 5310 2-in-1, Latitude 5310 2-in-1 Firmware, Latitude 5320 and 39 more | 2024-11-21 | 2.1 LOW | 5.7 MEDIUM |
| Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack. | |||||