Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-30 | CVE-2021-21534 | Information Exposure vulnerability in Dell Hybrid Client 1.0/1.1/1.1.01 Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. | 3.3 |
| 2021-04-20 | CVE-2021-21526 | OS Command Injection vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root. | 6.7 |
| 2021-04-20 | CVE-2020-26197 | Cleartext Transmission of Sensitive Information vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. | 9.1 |
| 2021-04-12 | CVE-2021-21545 | Uncontrolled Search Path Element vulnerability in Dell Peripheral Manager Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user. | 7.8 |
| 2021-04-12 | CVE-2021-21524 | Deserialization of Untrusted Data vulnerability in Dell products Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted Deserialization Vulnerability. | 9.8 |
| 2021-04-02 | CVE-2021-21533 | Improper Input Validation vulnerability in Dell Wyse Management Suite Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job details | 4.3 |
| 2021-04-02 | CVE-2021-21532 | Improper Input Validation vulnerability in Dell Wyse Thinos 8.6 Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file. | 6.3 |
| 2021-04-02 | CVE-2021-21529 | Resource Exhaustion vulnerability in Dell System Update Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. | 5.5 |
| 2021-03-12 | CVE-2021-21518 | Uncontrolled Search Path Element vulnerability in Dell products Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. | 7.8 |
| 2021-03-08 | CVE-2021-21510 | Injection vulnerability in Dell Idrac8 Firmware Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. | 6.1 |