Filtered by vendor Dell
Subscriptions
Total
1426 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-6646 | 2 Dell, Emc | 3 Emc Unisphere, Solutions Enabler, Unisphere | 2025-04-12 | N/A |
| The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class. | ||||
| CVE-2015-0535 | 1 Dell | 2 Bsafe, Bsafe Ssl-c | 2025-04-12 | 7.5 High |
| EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a similar issue to CVE-2015-0204. | ||||
| CVE-2015-0533 | 1 Dell | 2 Bsafe, Bsafe Ssl-c | 2025-04-12 | 7.5 High |
| EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-3572. | ||||
| CVE-2014-4630 | 1 Dell | 2 Bsafe Micro-edition-suite, Bsafe Ssl-j | 2025-04-12 | N/A |
| EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack." | ||||
| CVE-2014-4191 | 1 Dell | 1 Bsafe Share | 2025-04-12 | N/A |
| The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) sends a long series of random bytes during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755. | ||||
| CVE-2014-4192 | 1 Dell | 1 Bsafe Share | 2025-04-12 | N/A |
| The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755. | ||||
| CVE-2014-0628 | 1 Dell | 1 Bsafe Micro-edition-suite | 2025-04-12 | N/A |
| The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.5 does not properly process certificate chains, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | ||||
| CVE-2014-8272 | 2 Dell, Intel | 4 Idrac6 Modular, Idrac6 Monolithic, Idrac7 and 1 more | 2025-04-12 | N/A |
| The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack. | ||||
| CVE-2014-2959 | 2 Dell, Quantum | 4 Powervault Ml6000, Powervault Ml6000 Firmware, Scalar I500 and 1 more | 2025-04-12 | N/A |
| logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter. | ||||
| CVE-2015-4067 | 1 Dell | 1 Netvault Backup | 2025-04-12 | N/A |
| Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which triggers a heap-based buffer overflow. | ||||
| CVE-2013-4783 | 1 Dell | 1 Idrac6 Bmc | 2025-04-11 | N/A |
| The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. NOTE: the vendor disputes the significance of this issue, stating "DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet." | ||||
| CVE-2013-0120 | 1 Dell | 1 Powerconnect 6248p | 2025-04-11 | N/A |
| The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request. | ||||
| CVE-2012-4955 | 1 Dell | 1 Openmanage Server Administrator | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Dell OpenManage Server Administrator (OMSA) before 6.5.0.1, 7.0 before 7.0.0.1, and 7.1 before 7.1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3582 | 1 Dell | 22 Latitude D530, Latitude D531, Latitude D630 and 19 more | 2025-04-11 | N/A |
| Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value. | ||||
| CVE-2012-6272 | 1 Dell | 1 Openmanage Server Administrator | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic parameter to html/index_main.htm in (1) help/sm/en/Output/wwhelp/wwhimpl/js/, (2) help/sm/es/Output/wwhelp/wwhimpl/js/, (3) help/sm/ja/Output/wwhelp/wwhimpl/js/, (4) help/sm/de/Output/wwhelp/wwhimpl/js/, (5) help/sm/fr/Output/wwhelp/wwhimpl/js/, (6) help/sm/zh/Output/wwhelp/wwhimpl/js/, (7) help/hip/en/msgguide/wwhelp/wwhimpl/js/, or (8) help/hip/en/msgguide/wwhelp/wwhimpl/common/. | ||||
| CVE-2012-3551 | 1 Dell | 1 Crowbar | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in crowbar_framework/app/views/support/index.html.haml in the Crowbar barclamp in Crowbar, possibly 1.4 and earlier, allows remote attackers to inject arbitrary web script or HTML via the file parameter to /utils. | ||||
| CVE-2012-3537 | 1 Dell | 1 Crowbar | 2025-04-11 | N/A |
| The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names. | ||||
| CVE-2013-3589 | 1 Dell | 4 Idrac6 Firmware, Idrac6 Monolithic, Idrac7 and 1 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter. | ||||
| CVE-2011-4436 | 1 Dell | 1 Kace K2000 Systems Deployment Appliance | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-1844 | 3 Dell, Ibm, Quantum | 9 Powervault Ml6000, Powervault Ml6000 Firmware, Powervault Ml6010 and 6 more | 2025-04-11 | N/A |
| The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape library with firmware before R6C (606G.GS001), uses default passwords for unspecified user accounts, which makes it easier for remote attackers to obtain access via unknown vectors. | ||||