Vulnerabilities > Dell > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-02-06 CVE-2020-5317 Cross-site Scripting vulnerability in Dell EMC Elastic Cloud Storage 3.4.0.0
Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability.
network
low complexity
dell CWE-79
4.8
2020-01-10 CVE-2019-18588 Cross-site Scripting vulnerability in Dell EMC PowerMax and EMC Unisphere for PowerMax
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability.
network
low complexity
dell CWE-79
5.4
2019-12-18 CVE-2019-18571 Cross-site Scripting vulnerability in Dell RSA Identity Governance and Lifecycle
The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a reflected cross-site scripting vulnerability in the My Access Live module [MAL].
network
low complexity
dell CWE-79
5.4
2019-12-16 CVE-2019-18579 Unspecified vulnerability in Dell XPS 7390 Firmware 1.0.13/1.0.6/1.0.9
Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability.
low complexity
dell
6.8
2019-12-03 CVE-2019-3750 Link Following vulnerability in Dell Command Update
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability.
local
low complexity
dell CWE-59
5.5
2019-12-03 CVE-2019-3749 Link Following vulnerability in Dell Command Update
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability.
local
low complexity
dell CWE-59
5.5
2019-11-07 CVE-2019-3764 Unspecified vulnerability in Dell iDRAC7 Firmware, iDRAC8 Firmware and iDRAC9 Firmware
Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability.
network
low complexity
dell
4.3
2019-09-30 CVE-2019-3733 Incomplete Cleanup vulnerability in multiple products
RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerabilities, also known as 'Heap Inspection vulnerability'.
network
low complexity
emc dell CWE-459
4.9
2019-09-27 CVE-2019-3747 Cross-site Scripting vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability.
network
low complexity
dell CWE-79
4.8
2019-09-24 CVE-2019-3726 Uncontrolled Search Path Element vulnerability in Dell Update Package Framework 19.1.0.413/3.8.3.67/4.9.4.36
An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers.
local
high complexity
dell CWE-427
6.7