Vulnerabilities > Dell > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-04 | CVE-2020-29492 | Incorrect Default Permissions vulnerability in Dell Wyse Thinos 8.6 Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. | 10.0 |
| 2020-07-28 | CVE-2020-5377 | Path Traversal vulnerability in Dell EMC Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. | 9.1 |
| 2020-03-31 | CVE-2020-5344 | Out-of-bounds Write vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. | 9.8 |
| 2020-03-13 | CVE-2019-18578 | Cross-site Scripting vulnerability in Dell Xtremio Management Server Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored cross-site scripting vulnerability. | 9.0 |
| 2020-03-06 | CVE-2020-5328 | Missing Authentication for Critical Function vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. | 9.8 |
| 2020-03-06 | CVE-2020-5327 | Deserialization of Untrusted Data vulnerability in Dell Security Management Server 10.2.0 Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. | 9.8 |
| 2020-01-15 | CVE-2009-1120 | Unspecified vulnerability in Dell EMC Replistor EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. | 9.8 |
| 2019-12-18 | CVE-2019-18572 | Insufficiently Protected Credentials vulnerability in Dell RSA Identity Governance and Lifecycle The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. | 9.8 |
| 2019-11-26 | CVE-2019-18580 | Deserialization of Untrusted Data vulnerability in Dell EMC Storage Monitoring and Reporting 4.3.1 Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. | 10.0 |
| 2019-09-27 | CVE-2019-3766 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell EMC Elastic Cloud Storage Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. | 9.8 |