Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2021-04-12 CVE-2021-21545 Uncontrolled Search Path Element vulnerability in Dell Peripheral Manager
Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user.
local
low complexity
dell CWE-427
7.8
2021-03-12 CVE-2021-21518 Uncontrolled Search Path Element vulnerability in Dell products
Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin.
local
low complexity
dell CWE-427
7.8
2021-03-08 CVE-2021-21506 Improper Input Validation vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0
PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler.
network
low complexity
dell CWE-20
8.8
2021-03-08 CVE-2021-21503 OS Command Injection vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0
PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command.
local
low complexity
dell CWE-78
7.8
2021-03-01 CVE-2021-21517 XXE vulnerability in Dell EMC SRS Policy Manager 6.6/6.8.3/6.9.0
SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation.
network
low complexity
dell CWE-611
7.2
2021-02-15 CVE-2021-21511 Unspecified vulnerability in Dell products
Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI.
network
low complexity
dell
8.1
2021-02-09 CVE-2020-26194 Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2
Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability.
local
low complexity
dell CWE-732
7.8
2021-02-09 CVE-2020-26193 OS Command Injection vulnerability in Dell EMC Powerscale Onefs
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability.
local
low complexity
dell CWE-78
7.8
2021-02-09 CVE-2020-26192 Missing Authentication for Critical Function vulnerability in Dell EMC Powerscale Onefs
Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability.
local
low complexity
dell CWE-306
7.8
2021-02-09 CVE-2020-26191 Unspecified vulnerability in Dell EMC Powerscale Onefs
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability.
local
low complexity
dell
7.8