Vulnerabilities > Dell

DATE CVE VULNERABILITY TITLE RISK
2021-10-01 CVE-2021-36298 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Isilon Insightiq Firmware
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component.
network
low complexity
dell CWE-327
7.5
2021-10-01 CVE-2021-36309 Information Exposure vulnerability in Dell Enterprise Sonic OS
Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability.
network
low complexity
dell CWE-200
4.0
2021-09-28 CVE-2021-21522 Insufficiently Protected Credentials vulnerability in Dell products
Dell BIOS contains a Credentials Management issue.
local
low complexity
dell CWE-522
2.1
2021-09-28 CVE-2021-21569 Path Traversal vulnerability in Dell EMC Networker
Dell NetWorker, versions 18.x and 19.x, contain a Path traversal vulnerability.
network
low complexity
dell CWE-22
4.0
2021-09-28 CVE-2021-21570 OS Command Injection vulnerability in Dell EMC Networker
Dell NetWorker, versions 18.x and 19.x, contain an Information disclosure vulnerability.
network
low complexity
dell CWE-78
4.0
2021-09-28 CVE-2021-36283 Improper Input Validation vulnerability in Dell products
Dell BIOS contains an improper input validation vulnerability.
local
low complexity
dell CWE-20
7.2
2021-09-28 CVE-2021-36284 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell products
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability.
local
low complexity
dell CWE-307
2.1
2021-09-28 CVE-2021-36285 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell products
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability.
local
low complexity
dell CWE-307
2.1
2021-09-28 CVE-2021-36286 Path Traversal vulnerability in Dell Supportassist Client Consumer
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links.
local
low complexity
dell CWE-22
3.6
2021-09-28 CVE-2021-36297 Untrusted Search Path vulnerability in Dell Supportassist for Home PCS
SupportAssist Client versions 3.8 and 3.9 contain an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll's,
local
dell CWE-426
4.4