Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2021-21535

    Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the system.... Read more

    Affected Products : hybrid_client
    • EPSS Score: %0.03
    • Published: Apr. 30, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-21534

    Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain access to sensitive information via the local API.... Read more

    Affected Products : hybrid_client
    • EPSS Score: %0.05
    • Published: Apr. 30, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-21533

    Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job d... Read more

    Affected Products : wyse_management_suite
    • EPSS Score: %0.23
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2021-21532

    Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device ... Read more

    Affected Products : wyse_thinos
    • EPSS Score: %0.12
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-21531

    Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions.... Read more

    • EPSS Score: %0.14
    • Published: Apr. 30, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-21530

    Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain ... Read more

    • EPSS Score: %0.38
    • Published: Apr. 30, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-21529

    Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to cause the system to run out of memory by running multiple i... Read more

    Affected Products : system_update emc_system_update
    • EPSS Score: %0.04
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-21528

    Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions.... Read more

    • EPSS Score: %0.27
    • Published: Nov. 12, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-21527

    Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privi... Read more

    • EPSS Score: %0.05
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-21526

    Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root.... Read more

    Affected Products : powerscale_onefs
    • EPSS Score: %0.03
    • Published: Apr. 20, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-21524

    Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted Deserialization Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to arbitrary privileged code execution on t... Read more

    • EPSS Score: %4.60
    • Published: Apr. 12, 2021
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2021-21522

    Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageabilit... Read more

    • EPSS Score: %0.04
    • Published: Sep. 28, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-21518

    Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody ... Read more

    • EPSS Score: %0.04
    • Published: Mar. 12, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-21517

    SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated attacker can potentially exploit th... Read more

    Affected Products : emc_srs_policy_manager
    • EPSS Score: %0.44
    • Published: Mar. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    CRITICAL
    CVE-2021-21515

    Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessions or to trick a victim application user to unknowingly ... Read more

    Affected Products : emc_sourceone
    • EPSS Score: %0.26
    • Published: Mar. 01, 2021
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2021-21514

    Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a speci... Read more

    Affected Products : openmanage_server_administrator
    • EPSS Score: %6.08
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-21513

    Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploi... Read more

    Affected Products : openmanage_server_administrator
    • EPSS Score: %0.50
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 7.9

    HIGH
    CVE-2021-21512

    Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification em... Read more

    • EPSS Score: %0.05
    • Published: Feb. 19, 2021
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2021-21511

    Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' b... Read more

    • EPSS Score: %0.15
    • Published: Feb. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-21510

    Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections... Read more

    Affected Products : idrac8_firmware emc_idrac9_firmware
    • EPSS Score: %0.82
    • Published: Mar. 08, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 290983 Results