15 matches found
Dell iDRAC9 < 7.00.00.174 / 7.10.90.00 Information Disclosure (DSA-2026-113)
The version of Dell iDRAC9 installed on the remote host is affected by an information disclosure vulnerability as referenced in the DSA-2026-113 advisory. - Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.174, 15G and 16G versions prior to 7.10.90.00, contain an...
EUVD-2025-38153
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a Restricted Directory 'Pa...
EUVD-2025-31169
Malicious code in bioql PyPI...
CVE-2025-26482
Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure...
PT-2025-39457
Name of the Vulnerable Software and Affected Versions Dell PowerEdge Server BIOS and Dell iDRAC9 affected versions not specified Description A high privileged attacker with remote access could potentially exploit an Information Disclosure issue. This could lead to the disclosure of information...
DELL iDRAC9 Authorization Issue Vulnerability
The Dell iDRAC9 is a Dell Inc. offering that provides comprehensive, embedded management, and automation capabilities across the PowerEdge family of servers. One Controller. An authorization issue vulnerability exists in Dell iDRAC9 that arises from improper privilege management and can be...
CVE-2021-36347
iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating...
Vulnerabilities fixed in Dell EMC iDRAC
Dell EMC has fixed vulnerabilities in iDRAC8 and iDRAC9. The vulnerabilities potentially allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service (DoS), remote code execution, user rights, access to sensitive data, access to system...
Dell EMC iDRAC9 and Dell EMC iDRAC8 Buffer Error Vulnerability
Dell EMC iDRAC9 and Dell EMC iDRAC8 are both products of Dell Corporation, U.S.A. The Dell EMC iDRAC9 is a hardware and software systems management solution that provides remote management, crash...
CVE-2021-21580
Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate...
CVE-2021-21577
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim into following a specially crafted link...
CVE-2021-21539
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. A remote authenticated attacker could potentially exploit this vulnerability to gain elevated privileges when a user with higher privileges is simultaneously accessing iDRAC throu...
CVE-2021-21542
Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected while generati...
Dell EMC iDRAC9 Cross-Site Scripting Vulnerability
Dell EMC iDRAC9 is a system management solution comprising hardware and software from Dell USA. The solution provides remote management, crash system recovery and power control for Dell PowerEdge systems. A stored cross-site scripting vulnerability exists in Dell EMC iDRAC9 versions prior to...
Dell EMC iDRAC9 SSL/TLS Protection Stripping Vulnerability
Dell EMC iDRAC9 is a system management solution comprising hardware and software from Dell USA. The solution provides remote management, crash system recovery and power control for Dell PowerEdge systems. A security vulnerability exists in Dell EMC iDRAC9 versions prior to 3.21.21.21, which stems...