Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2012-06-19 CVE-2009-0695 Improper Authentication vulnerability in Dell Wyse Device Manager 4.7.0/4.7.1/4.7.2
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
Risk: 7.5 (network, low complexity); dell; CWE-287

2012-06-19 CVE-2009-0693 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell Wyse Device Manager 4.7.0/4.7.1/4.7.2
Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.
Risk: 7.5 (network, low complexity); dell; CWE-119

2012-03-22 CVE-2012-1844 Credentials Management vulnerability in multiple products
The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape library with firmware before R6C (606G.GS001), uses default passwords for unspecified user accounts, which makes it easier for remote attackers to obtain access via unknown vectors.
Risk: 7.5 (network, low complexity); quantum dell ibm; CWE-255

2006-08-25 CVE-2006-2112 Permissions, Privileges, and Access Controls vulnerability in multiple products
Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP printing interface as a proxy ("FTP bounce") by using arbitrary PORT arguments to connect to systems for which access would be otherwise restricted.
Risk: 7.5 (network, low complexity); dell fuji-xerox; CWE-264

2006-07-10 CVE-2006-3470 Remote Security vulnerability in OpenManage CD
The Dell OpenManage CD launches X11 and SSH daemons that do not require authentication, which allows remote attackers to gain privileges.
Risk: 7.5 (network, low complexity); dell

2004-11-23 CVE-2004-0079 NULL Pointer Dereference vulnerability in multiple products
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Risk: 7.5

2001-09-12 CVE-2001-1105
RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.
Risk: 7.5 (network, low complexity); dell cisco