Filtered by vendor Dell
Subscribe
Total
1199 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36337 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
| Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data. | |||||
| CVE-2021-36336 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could allow an unauthenticated attacker to execute code on the affected system. | |||||
| CVE-2021-36335 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 6.5 MEDIUM | 4.3 MEDIUM |
| Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, leading to execution of arbitrary files on the server | |||||
| CVE-2021-36334 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 6.0 MEDIUM | 5.9 MEDIUM |
| Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to arbitrary code execution on end user machine | |||||
| CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash. | |||||
| CVE-2021-36332 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 4.9 MEDIUM | 5.4 MEDIUM |
| Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, directing end user to arbitrary and potentially malicious websites. | |||||
| CVE-2021-36330 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user. | |||||
| CVE-2021-36329 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information. | |||||
| CVE-2021-36328 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the database. | |||||
| CVE-2021-36327 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's choice. | |||||
| CVE-2021-36326 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted format. | |||||
| CVE-2021-36325 | 1 Dell | 566 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 563 more | 2024-11-21 | 7.2 HIGH | 7.5 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
| CVE-2021-36324 | 1 Dell | 566 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 563 more | 2024-11-21 | 7.2 HIGH | 7.5 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
| CVE-2021-36323 | 1 Dell | 566 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 563 more | 2024-11-21 | 7.2 HIGH | 7.5 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
| CVE-2021-36322 | 1 Dell | 18 X1008, X1008 Firmware, X1008p and 15 more | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the web-cache or trigger redirections. | |||||
| CVE-2021-36321 | 1 Dell | 18 X1008, X1008 Firmware, X1008p and 15 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending specially crafted data to trigger a denial of service. | |||||
| CVE-2021-36320 | 1 Dell | 18 X1008, X1008 Firmware, X1008p and 15 more | 2024-11-21 | 7.5 HIGH | 7.5 HIGH |
| Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the session ID. | |||||
| CVE-2021-36319 | 1 Dell | 1 Networking Os10 | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages. | |||||
| CVE-2021-36318 | 1 Dell | 1 Emc Avamar Server | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage vulnerability. A high privileged user could potentially exploit this vulnerability, leading to a complete outage. | |||||
| CVE-2021-36317 | 1 Dell | 2 Emc Avamar Server, Emc Powerprotect Data Protection Appliance | 2024-11-21 | 2.1 LOW | 6.7 MEDIUM |
| Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | |||||