Filtered by vendor Dell Subscriptions
Total 1034 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-32453 1 Dell 222 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 219 more 2024-10-02 4.6 Medium
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.
CVE-2023-32457 1 Dell 1 Powerscale Onefs 2024-10-02 7.5 High
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges.
CVE-2023-32491 1 Dell 1 Powerscale Onefs 2024-10-01 6.3 Medium
Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user could potentially exploit this vulnerability, leading to information disclosure.
CVE-2023-32492 1 Dell 1 Powerscale Onefs 2024-10-01 5.3 Medium
Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files.
CVE-2023-43081 1 Dell 1 Powerprotect Agent For File System 2024-10-01 4 Medium
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.
CVE-2023-44306 1 Dell 2 Dm5500, Dm5500 Firmware 2024-10-01 6.5 Medium
Dell DM5500 contains a path traversal vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability to overwrite configuration files stored on the server filesystem.
CVE-2023-44279 1 Dell 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more 2024-10-01 6.7 Medium
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker
CVE-2023-28072 1 Dell 1 Alienware Command Center 2024-09-30 7.8 High
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system.
CVE-2024-39577 1 Dell 1 Smartfabric Os10 2024-09-30 7.1 High
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability leading to code execution.
CVE-2024-37125 1 Dell 1 Smartfabric Os10 2024-09-30 7.5 High
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service.
CVE-2023-3039 1 Dell 1 Sd Rom Utility 2024-09-26 7.3 High
SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access.
CVE-2023-32472 1 Dell 5 Edge Gateway 3200, Edge Gateway 3200 Firmware, Edge Gateway 5200 and 2 more 2024-09-26 5.7 Medium
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
CVE-2023-32470 1 Dell 1 Digital Delivery 2024-09-25 5 Medium
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
CVE-2024-0160 1 Dell 30 G3 3500, G3 3500 Firmware, G5 5500 and 27 more 2024-09-25 6.8 Medium
Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS.
CVE-2023-32461 1 Dell 104 Emc Xc Core Xc450, Emc Xc Core Xc450 Firmware, Emc Xc Core Xc650 and 101 more 2024-09-25 5 Medium
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.  
CVE-2024-32858 1 Dell 48 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R10 and 45 more 2024-09-24 7.5 High
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVE-2024-32856 1 Dell 46 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R10 and 43 more 2024-09-24 5.1 Medium
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2023-39252 1 Dell 1 Secure Connect Gateway Policy Manager 2024-09-24 5.9 Medium
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
CVE-2023-28055 1 Dell 1 Networker 2024-09-24 8.8 High
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends customers to upgrade at the earliest opportunity.
CVE-2024-29175 1 Dell 1 Data Domain Operating System 2024-09-23 5.9 Medium
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session information.