ReportizFlow
Filtered by vendor Dell
Subscriptions
Total
1101 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36348 | 1 Dell | 2 Integrated Dell Remote Access Controller 9, Integrated Dell Remote Access Controller 9 Firmware | 2024-11-21 | 8.1 High |
| iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to iDRAC. | ||||
| CVE-2021-36347 | 1 Dell | 4 Integrated Dell Remote Access Controller 8, Integrated Dell Remote Access Controller 8 Firmware, Integrated Dell Remote Access Controller 9 and 1 more | 2024-11-21 | 7.2 High |
| iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system. | ||||
| CVE-2021-36346 | 1 Dell | 2 Integrated Dell Remote Access Controller 8, Integrated Dell Remote Access Controller 8 Firmware | 2024-11-21 | 5.3 Medium |
| Dell iDRAC 8 prior to version 2.82.82.82 contain a denial of service vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to deny access to the iDRAC webserver. | ||||
| CVE-2021-36343 | 1 Dell | 668 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 665 more | 2024-11-21 | 7.5 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
| CVE-2021-36342 | 1 Dell | 668 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 665 more | 2024-11-21 | 7.5 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
| CVE-2021-36341 | 1 Dell | 1 Wyse Device Agent | 2024-11-21 | 5.5 Medium |
| Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability. A local authenticated user with low privileges could potentially exploit this vulnerability in order to access sensitive information. | ||||
| CVE-2021-36340 | 1 Dell | 1 Emc Secure Connect Gateway | 2024-11-21 | 7.8 High |
| Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it. | ||||
| CVE-2021-36339 | 1 Dell | 7 Powermax Os, Solutions Enabler, Solutions Enabler Virtual Appliance and 4 more | 2024-11-21 | 7.8 High |
| The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user accounts. A local malicious user may potentially exploit this vulnerability to get privileged access to the virtual appliance. | ||||
| CVE-2021-36338 | 1 Dell | 7 Powermax Os, Solutions Enabler, Solutions Enabler Virtual Appliance and 4 more | 2024-11-21 | 6.3 Medium |
| Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to. CVE-2022-31233 addresses the partial fix in CVE-2021-36338. | ||||
| CVE-2021-36337 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 6.5 Medium |
| Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data. | ||||
| CVE-2021-36336 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 9.8 Critical |
| Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could allow an unauthenticated attacker to execute code on the affected system. | ||||
| CVE-2021-36335 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 4.3 Medium |
| Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, leading to execution of arbitrary files on the server | ||||
| CVE-2021-36334 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 5.9 Medium |
| Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to arbitrary code execution on end user machine | ||||
| CVE-2021-36333 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 5.5 Medium |
| Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash. | ||||
| CVE-2021-36332 | 1 Dell | 1 Emc Cloud Link | 2024-11-21 | 5.4 Medium |
| Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, directing end user to arbitrary and potentially malicious websites. | ||||
| CVE-2021-36330 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 8.1 High |
| Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user. | ||||
| CVE-2021-36329 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 6.5 Medium |
| Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information. | ||||
| CVE-2021-36328 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 8.8 High |
| Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the database. | ||||
| CVE-2021-36327 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 5.3 Medium |
| Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's choice. | ||||
| CVE-2021-36326 | 1 Dell | 1 Emc Streaming Data Platform | 2024-11-21 | 6.5 Medium |
| Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted format. | ||||