Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-02 | CVE-2021-21529 | Resource Exhaustion vulnerability in Dell System Update Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. | 5.5 |
| 2021-03-12 | CVE-2021-21518 | Uncontrolled Search Path Element vulnerability in Dell products Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. | 7.8 |
| 2021-03-08 | CVE-2021-21510 | Injection vulnerability in Dell Idrac8 Firmware Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. | 6.1 |
| 2021-03-08 | CVE-2021-21506 | Improper Input Validation vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0 PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. | 8.8 |
| 2021-03-08 | CVE-2021-21503 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0 PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. | 7.8 |
| 2021-03-02 | CVE-2021-21514 | Path Traversal vulnerability in Dell Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. | 4.9 |
| 2021-03-02 | CVE-2021-21513 | Improper Authentication vulnerability in Dell Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. | 9.8 |
| 2021-03-01 | CVE-2021-21517 | XXE vulnerability in Dell EMC SRS Policy Manager 6.6/6.8.3/6.9.0 SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. | 7.2 |
| 2021-03-01 | CVE-2021-21515 | Cross-site Scripting vulnerability in Dell EMC Sourceone 7.2 Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. | 5.4 |
| 2021-02-19 | CVE-2021-21512 | Information Exposure vulnerability in Dell EMC Powerprotect Cyber Recovery 19.7.0.1 Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. | 6.0 |