Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-27 | CVE-2020-5383 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell EMC Isilon and EMC Powerscale Onefs Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise component. | 5.3 |
| 2020-07-09 | CVE-2020-5366 | Path Traversal vulnerability in Dell Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal Vulnerability. | 6.5 |
| 2020-07-06 | CVE-2020-5356 | Files or Directories Accessible to External Parties vulnerability in Dell products Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. | 6.5 |
| 2020-06-23 | CVE-2020-5345 | Missing Authorization vulnerability in Dell products Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. | 5.4 |
| 2020-06-17 | CVE-2020-11899 | Out-of-bounds Read vulnerability in multiple products The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | 5.4 |
| 2020-06-10 | CVE-2020-5363 | Unspecified vulnerability in Dell products Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Admin password. | 6.7 |
| 2020-06-10 | CVE-2020-5362 | Missing Authorization vulnerability in Dell products Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values. | 4.4 |
| 2020-05-28 | CVE-2020-5357 | Uncontrolled Search Path Element vulnerability in Dell products Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. | 6.0 |
| 2020-03-13 | CVE-2019-3770 | Cross-site Scripting vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. | 6.4 |
| 2020-03-13 | CVE-2019-3769 | Cross-site Scripting vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability. | 6.4 |