Vulnerabilities > Dell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-31 | CVE-2018-11054 | Integer Overflow or Wraparound vulnerability in multiple products RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. | 7.5 |
| 2018-08-23 | CVE-2018-15748 | Weak Password Requirements vulnerability in Dell products On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65, and Network Firmware Version V4.02.15(2335dn MFP) 11-22-2010, the admin interface allows an authenticated attacker to retrieve the configured SMTP or LDAP password by viewing the HTML source code of the Email Settings webpage. | 8.8 |
| 2018-08-10 | CVE-2018-11063 | Unquoted Search Path or Element vulnerability in Dell Wyse Management Suite 1.0/1.1 Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities. | 7.8 |
| 2018-08-10 | CVE-2018-11048 | XXE vulnerability in Dell products Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in the REST API. | 8.1 |
| 2018-08-01 | CVE-2018-11050 | Insufficiently Protected Credentials vulnerability in Dell EMC Networker Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. | 8.8 |
| 2018-07-02 | CVE-2018-1244 | Command Injection vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. | 8.8 |
| 2018-07-02 | CVE-2018-1243 | Improperly Implemented Security Check for Standard vulnerability in Dell products Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. | 7.5 |
| 2018-07-02 | CVE-2018-1212 | Command Injection vulnerability in Dell Idrac6 Modular and Idrac6 Monolithic The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. | 8.8 |
| 2018-05-08 | CVE-2018-1239 | OS Command Injection vulnerability in Dell products Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. | 7.2 |
| 2018-04-24 | CVE-2017-2802 | Untrusted Search Path vulnerability in Dell Precision Optimizer 3.5.5.0 An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. | 7.8 |