CVE-2021-21551

Known exploited
Public exploit
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
Max CVSS
8.8
EPSS Score
0.18%
Published
2021-05-04
Updated
2023-10-05
CISA KEV Added
2022-03-31

CVE-2004-0331

Public exploit
Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long application variable.
Max CVSS
5.0
EPSS Score
95.24%
Published
2004-11-23
Updated
2017-07-11
Dell PowerScale OneFS 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
Max CVSS
5.3
EPSS Score
0.04%
Published
2024-03-25
Updated
2024-03-25
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions vulnerability. A local low privileges malicious user could potentially exploit this vulnerability, leading to denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-02-01
Updated
2024-02-03
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information tampering, code execution, denial of service.
Max CVSS
6.8
EPSS Score
0.06%
Published
2023-12-05
Updated
2023-12-12
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.
Max CVSS
7.1
EPSS Score
0.06%
Published
2023-12-05
Updated
2023-12-12
Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-05
Updated
2023-12-11
Dell Pair Installer version prior to 1.2.1 contains an elevation of privilege vulnerability. A low privilege user with local access to the system could potentially exploit this vulnerability to delete arbitrary files and result in Denial of Service.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-01-24
Updated
2024-01-30
Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. A low privilege remote attacker could potentially exploit this vulnerability to cause an out of memory (OOM) condition.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-11-02
Updated
2023-11-09
Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network users. This is a high severity vulnerability as it allows an attacker to cause an outage of network. Dell recommends customers to upgrade at the earliest opportunity.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-05
Updated
2023-12-11
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.
Max CVSS
9.8
EPSS Score
0.20%
Published
2023-08-16
Updated
2023-08-22
Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-08-16
Updated
2023-08-22
Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system.
Max CVSS
6.5
EPSS Score
0.04%
Published
2023-07-20
Updated
2023-07-26
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-09-08
Updated
2023-09-13
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-06-23
Updated
2023-07-05
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-02-06
Updated
2024-02-13
Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity.
Max CVSS
9.1
EPSS Score
0.04%
Published
2024-02-15
Updated
2024-02-15
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
Max CVSS
7.1
EPSS Score
0.04%
Published
2023-06-23
Updated
2023-06-30
Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Max CVSS
4.6
EPSS Score
0.05%
Published
2023-06-23
Updated
2023-06-30
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.
Max CVSS
6.7
EPSS Score
0.04%
Published
2024-02-06
Updated
2024-02-15
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends customers to upgrade at the earliest opportunity.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-09-27
Updated
2023-09-29
Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-04-04
Updated
2023-04-11
Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to Denial of service, escalation of privileges, and information disclosure. This vulnerability breaks the compliance mode guarantee.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-04-04
Updated
2023-04-11
Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service.
Max CVSS
7.1
EPSS Score
0.04%
Published
2023-02-28
Updated
2023-03-09
Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim's browser to desynchronize its connection with the website, typically leading to XSS and DoS.
Max CVSS
8.8
EPSS Score
0.09%
Published
2023-01-20
Updated
2023-02-01
115 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!