Export limit exceeded: 80179 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80179 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-21558 | 1 Dell | 1 Emc Networker | 2024-11-21 | 8.2 High |
| Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain. | ||||
| CVE-2021-21557 | 1 Dell | 62 Poweredge C4140, Poweredge C4140 Firmware, Poweredge C6420 and 59 more | 2024-11-21 | 8.1 High |
| Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode. | ||||
| CVE-2021-21549 | 1 Dell | 3 Xtremio Management Server, Xtremio X1, Xtremio X2 | 2024-11-21 | 8.8 High |
| Dell EMC XtremIO Versions prior to 6.3.3-8, contain a Cross-Site Request Forgery Vulnerability in XMS. A non-privileged attacker could potentially exploit this vulnerability, leading to a privileged victim application user being tricked into sending state-changing requests to the vulnerable application, causing unintended server operations. | ||||
| CVE-2021-21546 | 1 Dell | 1 Emc Networker | 2024-11-21 | 7.8 High |
| Dell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. A local low-privileged user of the Networker server could potentially exploit this vulnerability to read plain-text credentials from server log files. | ||||
| CVE-2021-21545 | 1 Dell | 1 Peripheral Manager | 2024-11-21 | 7.8 High |
| Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user. | ||||
| CVE-2021-21535 | 1 Dell | 1 Hybrid Client | 2024-11-21 | 7.4 High |
| Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the system. | ||||
| CVE-2021-21531 | 1 Dell | 5 Powermax Os, Solutions Enabler, Solutions Enabler Virtual Appliance and 2 more | 2024-11-21 | 8.1 High |
| Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions. | ||||
| CVE-2021-21530 | 1 Dell | 1 Openmanage Enterprise-modular | 2024-11-21 | 8.3 High |
| Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege. | ||||
| CVE-2021-21528 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 7.5 High |
| Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions. | ||||
| CVE-2021-21522 | 1 Dell | 56 Latitude 5285 2-in-1, Latitude 5285 2-in-1 Firmware, Latitude 5289 2-in-1 and 53 more | 2024-11-21 | 8.2 High |
| Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface. | ||||
| CVE-2021-21518 | 1 Dell | 3 Supportassist Client Promanage, Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | 7.8 High |
| Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. A local user with low privileges could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with SYSTEM privileges. | ||||
| CVE-2021-21517 | 1 Dell | 1 Emc Srs Policy Manager | 2024-11-21 | 7.2 High |
| SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated attacker can potentially exploit this vulnerability to read system files as a non-root user and may be able to temporarily disrupt the ESRS service. | ||||
| CVE-2021-21513 | 1 Dell | 1 Openmanage Server Administrator | 2024-11-21 | 8.6 High |
| Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system. | ||||
| CVE-2021-21512 | 1 Dell | 1 Emc Powerprotect Cyber Recovery | 2024-11-21 | 7.9 High |
| Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification email account. | ||||
| CVE-2021-21511 | 1 Dell | 2 Emc Avamar Server, Emc Integrated Data Protection Appliance | 2024-11-21 | 8.1 High |
| Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data. | ||||
| CVE-2021-21507 | 1 Dell | 22 R1-2210, R1-2210 Firmware, R1-2401 and 19 more | 2024-11-21 | 8.8 High |
| Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account. | ||||
| CVE-2021-21506 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 8.8 High |
| PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vulnerability, leading to potential privileges escalation. | ||||
| CVE-2021-21505 | 1 Dell | 2 Emc Integrated System For Microsoft Azure Stack Hub, Emc Integrated System For Microsoft Azure Stack Hub Firmware | 2024-11-21 | 8 High |
| Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit this to log in to the system to gain root privileges. | ||||
| CVE-2021-21503 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 7.8 High |
| PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation. | ||||
| CVE-2021-21501 | 1 Apache | 1 Servicecomb | 2024-11-21 | 7.5 High |
| Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0. | ||||