Vulnerabilities > Dell > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-02 | CVE-2021-21513 | Improper Authentication vulnerability in Dell Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. | 9.8 |
| 2021-02-09 | CVE-2021-21502 | Improper Authentication vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. | 9.8 |
| 2021-01-14 | CVE-2020-29495 | OS Command Injection vulnerability in Dell products DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. | 10.0 |
| 2021-01-14 | CVE-2020-29493 | SQL Injection vulnerability in Dell products DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. | 9.8 |
| 2021-01-04 | CVE-2020-29492 | Incorrect Default Permissions vulnerability in Dell Wyse Thinos 8.6 Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. | 10.0 |
| 2020-07-28 | CVE-2020-5377 | Path Traversal vulnerability in Dell EMC Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. | 9.1 |
| 2020-03-31 | CVE-2020-5344 | Out-of-bounds Write vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. | 9.8 |
| 2020-03-13 | CVE-2019-18578 | Cross-site Scripting vulnerability in Dell Xtremio Management Server Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored cross-site scripting vulnerability. | 9.0 |
| 2020-03-06 | CVE-2020-5328 | Missing Authentication for Critical Function vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. | 9.8 |
| 2020-03-06 | CVE-2020-5327 | Deserialization of Untrusted Data vulnerability in Dell Security Management Server 10.2.0 Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. | 9.8 |