Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-04 | CVE-2020-5343 | Incorrect Authorization vulnerability in Dell OS Recovery Image for Microsoft Windows 10 Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. | 7.8 |
| 2020-04-15 | CVE-2020-5350 | OS Command Injection vulnerability in Dell EMC Integrated Data Protection Appliance Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. | 7.2 |
| 2020-04-10 | CVE-2020-5330 | Unspecified vulnerability in Dell products Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77 and older contain an information disclosure vulnerability. | 7.5 |
| 2020-04-04 | CVE-2020-5348 | Use After Free vulnerability in Dell Latitude 7202 Firmware Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. | 7.8 |
| 2020-04-04 | CVE-2020-5347 | Resource Exhaustion vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. | 7.5 |
| 2020-03-31 | CVE-2020-5344 | Out-of-bounds Write vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. | 9.8 |
| 2020-03-18 | CVE-2019-3762 | Improper Certificate Validation vulnerability in Dell products Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. | 7.5 |
| 2020-03-18 | CVE-2019-18582 | Code Injection vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. | 7.2 |
| 2020-03-18 | CVE-2019-18581 | Missing Authorization vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. | 7.2 |
| 2020-03-13 | CVE-2019-3770 | Cross-site Scripting vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. | 6.4 |