qsan storage manager

36 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2025-43995
< 2020
Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenti
9.8 CRITICAL
CVE-2025-43994
< 2020
Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing Authentication for Critical Function vuln
8.6 HIGH
CVE-2025-46425
< 2020
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Referenc
6.5 MEDIUM
CVE-2025-22476
< 2020
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Neutralization of Special Elements used in
5.5 MEDIUM
CVE-2025-23379
all versions
Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contain(s) an Improper Neutralization of Input During Web Page Gen
3.5 LOW
CVE-2025-22479
all versions
Dell Storage Center - Dell Storage Manager, version(s) 20.0.21, contain(s) an Improper Limitation of a Pathname to a Restricted Di
3.5 LOW
CVE-2025-22478
all versions
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Referenc
8.1 HIGH
CVE-2025-22477
all versions
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Authentication vulnerability. An unauthenti
8.3 HIGH
CVE-2021-32528
<= 3.3.1
Observable behavioral discrepancy vulnerability in QSAN Storage Manager allows remote attackers to obtain the system information w
5.3 MEDIUM
CVE-2021-32527
<= 3.3.1
Path traversal vulnerability in QSAN Storage Manager allows remote unauthenticated attackers to download arbitrary files thru inje
7.5 HIGH
CVE-2021-32526
<= 3.3.1
Incorrect permission assignment for critical resource vulnerability in QSAN Storage Manager allows authenticated remote attackers
6.5 MEDIUM
CVE-2021-32525
< 3.3.1
The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to access the control interface wit
9.1 CRITICAL
CVE-2021-32524
<= 3.3.1
Command injection vulnerability in QSAN Storage Manager allows remote privileged users to execute arbitrary commands. Suggest cont
9.1 CRITICAL
CVE-2021-32523
<= 3.3.1
Improper authorization vulnerability in QSAN Storage Manager allows remote privileged users to bypass the access control and execu
9.1 CRITICAL
CVE-2021-32522
<= 3.3.1
Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attacke
9.8 CRITICAL
CVE-2021-32521
<= 3.3.1
Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges
7.3 HIGH
CVE-2021-32520
<= 3.3.1
Use of hard-coded cryptographic key vulnerability in QSAN Storage Manager allows attackers to obtain users’ credentials and rela
9.8 CRITICAL
CVE-2021-32519
< 3.3.2
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attac
9.8 CRITICAL
CVE-2021-32518
< 3.3.3
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a symbolic link then access arbitrary file
7.5 HIGH
CVE-2021-32517
< 3.3.3
Improper access control vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files us
7.5 HIGH
CVE-2021-32516
< 3.3.3
Path traversal vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files. The referr
7.5 HIGH
CVE-2021-32515
< 3.3.3
Directory listing vulnerability in share_link in QSAN Storage Manager allows attackers to list arbitrary directories and further a
5.3 MEDIUM
CVE-2021-32514
< 3.3.3
Improper access control vulnerability in FirmwareUpgrade in QSAN Storage Manager allows remote attackers to reboot and discontinue
7.5 HIGH
CVE-2021-32513
< 3.3.3
QsanTorture in QSAN Storage Manager does not filter special parameters properly that allows remote unauthenticated attackers to in
9.8 CRITICAL
CVE-2021-32512
< 3.3.3
QuickInstall in QSAN Storage Manager does not filter special parameters properly that allows remote unauthenticated attackers to i
9.8 CRITICAL
CVE-2021-32511
< 3.3.3
QSAN Storage Manager through directory listing vulnerability in ViewBroserList allows remote authenticated attackers to list arbit
4.3 MEDIUM
CVE-2021-32510
< 3.3.3
QSAN Storage Manager through directory listing vulnerability in antivirus function allows remote authenticated attackers to list a
4.3 MEDIUM
CVE-2021-32509
< 3.3.3
Absolute Path Traversal vulnerability in FileviewDoc in QSAN Storage Manager allows remote authenticated attackers access arbitrar
6.5 MEDIUM
CVE-2021-32508
< 3.3.3
Absolute Path Traversal vulnerability in FileStreaming in QSAN Storage Manager allows remote authenticated attackers access arbitr
6.5 MEDIUM
CVE-2021-32507
< 3.3.3
Absolute Path Traversal vulnerability in FileDownload in QSAN Storage Manager allows remote authenticated attackers download arbit
6.5 MEDIUM
CVE-2021-32506
< 3.3.3
Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote authenticated attackers download arbitrary
6.5 MEDIUM
CVE-2017-14384
< 16.3.20
In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerab
6.5 MEDIUM
CVE-2012-2576
< 5.1.2
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler befor
9.8 CRITICAL
CVE-2017-14374
< 16.3.20
The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 (aka 2016 R3.20) is protected using a hard-coded password.
9.8 CRITICAL
CVE-2015-7838
<= 6.1
ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows remote attackers to upload and execute arbitrary files via u
CVE-2015-5371
all versions
The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scripts via u
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin