Vulnerabilities > Dell > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2021-04-30 | CVE-2021-21539 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Dell Idrac9 Firmware | Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. | 7.1 |
2021-04-30 | CVE-2021-21530 | OS Command Injection vulnerability in Dell Openmanage Enterprise-Modular | Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. | 8.8 |
2021-04-30 | CVE-2021-21531 | Incorrect Resource Transfer Between Spheres vulnerability in Dell products | Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. | 7.8 |
2021-04-30 | CVE-2021-21535 | Missing Authentication for Critical Function vulnerability in Dell Hybrid Client 1.0/1.1/1.1.01 | Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. | 7.8 |
2021-04-12 | CVE-2021-21545 | Uncontrolled Search Path Element vulnerability in Dell Peripheral Manager | Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user. | 7.8 |
2021-03-12 | CVE-2021-21518 | Uncontrolled Search Path Element vulnerability in Dell products | Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. | 7.8 |
2021-03-08 | CVE-2021-21506 | Improper Input Validation vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0 | PowerScale OneFS 8.1.2, 8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. | 8.8 |
2021-03-08 | CVE-2021-21503 | OS Command Injection vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2/9.1.0 | PowerScale OneFS 8.1.2, 8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. | 7.8 |
2021-03-01 | CVE-2021-21517 | XXE vulnerability in Dell EMC SRS Policy Manager 6.6/6.8.3/6.9.0 | SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. | 7.2 |
2021-02-15 | CVE-2021-21511 | Unspecified vulnerability in Dell products | Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. | 8.1 |