Vulnerabilities > Dell > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-10 | CVE-2015-7272 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20 Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input. | 9.8 |
| 2017-04-10 | CVE-2015-7271 | Use of Externally-Controlled Format String vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20 Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo. | 9.8 |
| 2017-02-22 | CVE-2016-9684 | Command Injection vulnerability in Dell Sonicwall Secure Remote Access Server 8.1.0.214Sv The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. | 9.8 |
| 2017-02-22 | CVE-2016-9683 | Command Injection vulnerability in Dell Sonicwall Secure Remote Access Server 8.1.0.214Sv The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. | 9.8 |
| 2017-02-22 | CVE-2016-9682 | Command Injection vulnerability in Dell Sonicwall Secure Remote Access Server 8.1.0.214Sv The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. | 9.8 |
| 2016-10-05 | CVE-2016-6646 | Improper Input Validation vulnerability in multiple products The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class. | 9.8 |
| 2016-06-19 | CVE-2016-0912 | Permissions, Privileges, and Access Controls vulnerability in Dell EMC Data Domain OS EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation. | 9.8 |
| 2016-04-15 | CVE-2016-0889 | Improper Input Validation vulnerability in Dell EMC Unisphere An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname. | 9.8 |
| 2015-08-20 | CVE-2015-0537 | Integer Underflow (Wrap or Wraparound) vulnerability in Dell Bsafe, Bsafe Crypto-C and Bsafe Ssl-C Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service (memory corruption or segmentation fault) or possibly have unspecified other impact via crafted base64 data, a similar issue to CVE-2015-0292. | 9.8 |