Vulnerabilities > Dell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-28 | CVE-2021-36286 | Link Following vulnerability in Dell Supportassist Client Consumer Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. | 7.1 |
| 2021-09-28 | CVE-2021-36297 | Untrusted Search Path vulnerability in Dell Supportassist for Home PCS SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll's, | 7.8 |
| 2021-08-16 | CVE-2021-36279 | Unspecified vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. | 7.8 |
| 2021-08-16 | CVE-2021-36281 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. | 8.8 |
| 2021-08-10 | CVE-2021-21567 | Improper Privilege Management vulnerability in Dell Powerscale Onefs 9.0.0.0/9.1.0.0 Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. | 7.8 |
| 2021-08-10 | CVE-2021-21601 | Unspecified vulnerability in Dell products Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. | 7.8 |
| 2021-08-09 | CVE-2021-21585 | OS Command Injection vulnerability in Dell Openmanage Enterprise 3.5 Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. | 7.2 |
| 2021-08-09 | CVE-2021-21596 | Unspecified vulnerability in Dell products Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. low complexity dell | 8.8 |
| 2021-08-09 | CVE-2021-36276 | Unspecified vulnerability in Dell Dbutildrv2.Sys Firmware 2.5/2.6 Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. | 7.8 |
| 2021-08-09 | CVE-2021-36277 | Improper Verification of Cryptographic Signature vulnerability in Dell products Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. | 7.8 |