Vulnerabilities > Dell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-25 | CVE-2019-12280 | Uncontrolled Search Path Element vulnerability in multiple products PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element. | 7.8 |
| 2019-06-20 | CVE-2019-3735 | Improper Privilege Management vulnerability in Dell products Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. | 7.8 |
| 2019-06-19 | CVE-2019-3737 | Path Traversal vulnerability in Dell Avamar Data Migration Enabler web Interface 1.0.50/1.0.51 Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application. | 7.5 |
| 2019-06-06 | CVE-2019-3722 | XXE vulnerability in Dell EMC Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. | 7.5 |
| 2019-04-25 | CVE-2019-3721 | Allocation of Resources Without Limits or Throttling vulnerability in Dell EMC Openmanage Server Administrator Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. | 7.5 |
| 2019-04-18 | CVE-2019-3719 | Unspecified vulnerability in Dell Supportassist Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. low complexity dell | 8.0 |
| 2019-04-18 | CVE-2019-3718 | Cross-Site Request Forgery (CSRF) vulnerability in Dell Supportassist Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. | 8.8 |
| 2019-03-28 | CVE-2019-3710 | Use of Hard-coded Credentials vulnerability in Dell EMC Networking Os10 Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due to an underlying application using undocumented, pre-installed X.509v3 key/certificate pairs. | 8.1 |
| 2019-03-07 | CVE-2019-3712 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell products Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10 contain a buffer overflow vulnerability. | 8.8 |
| 2019-02-13 | CVE-2018-15781 | Use of Hard-coded Credentials vulnerability in Dell Wyse Thinlinux 2.0 The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded Cryptographic Key vulnerability. | 8.0 |