Filtered by vendor Dell
Subscriptions
Total
1034 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-32453 | 1 Dell | 222 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 219 more | 2024-10-02 | 4.6 Medium |
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator. | ||||
CVE-2023-32457 | 1 Dell | 1 Powerscale Onefs | 2024-10-02 | 7.5 High |
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges. | ||||
CVE-2023-32491 | 1 Dell | 1 Powerscale Onefs | 2024-10-01 | 6.3 Medium |
Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user could potentially exploit this vulnerability, leading to information disclosure. | ||||
CVE-2023-32492 | 1 Dell | 1 Powerscale Onefs | 2024-10-01 | 5.3 Medium |
Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files. | ||||
CVE-2023-43081 | 1 Dell | 1 Powerprotect Agent For File System | 2024-10-01 | 4 Medium |
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files. | ||||
CVE-2023-44306 | 1 Dell | 2 Dm5500, Dm5500 Firmware | 2024-10-01 | 6.5 Medium |
Dell DM5500 contains a path traversal vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability to overwrite configuration files stored on the server filesystem. | ||||
CVE-2023-44279 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-10-01 | 6.7 Medium |
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker | ||||
CVE-2023-28072 | 1 Dell | 1 Alienware Command Center | 2024-09-30 | 7.8 High |
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system. | ||||
CVE-2024-39577 | 1 Dell | 1 Smartfabric Os10 | 2024-09-30 | 7.1 High |
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability leading to code execution. | ||||
CVE-2024-37125 | 1 Dell | 1 Smartfabric Os10 | 2024-09-30 | 7.5 High |
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service. | ||||
CVE-2023-3039 | 1 Dell | 1 Sd Rom Utility | 2024-09-26 | 7.3 High |
SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. | ||||
CVE-2023-32472 | 1 Dell | 5 Edge Gateway 3200, Edge Gateway 3200 Firmware, Edge Gateway 5200 and 2 more | 2024-09-26 | 5.7 Medium |
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege. | ||||
CVE-2023-32470 | 1 Dell | 1 Digital Delivery | 2024-09-25 | 5 Medium |
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). | ||||
CVE-2024-0160 | 1 Dell | 30 G3 3500, G3 3500 Firmware, G5 5500 and 27 more | 2024-09-25 | 6.8 Medium |
Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS. | ||||
CVE-2023-32461 | 1 Dell | 104 Emc Xc Core Xc450, Emc Xc Core Xc450 Firmware, Emc Xc Core Xc650 and 101 more | 2024-09-25 | 5 Medium |
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges. | ||||
CVE-2024-32858 | 1 Dell | 48 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R10 and 45 more | 2024-09-24 | 7.5 High |
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
CVE-2024-32856 | 1 Dell | 46 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R10 and 43 more | 2024-09-24 | 5.1 Medium |
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
CVE-2023-39252 | 1 Dell | 1 Secure Connect Gateway Policy Manager | 2024-09-24 | 5.9 Medium |
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. | ||||
CVE-2023-28055 | 1 Dell | 1 Networker | 2024-09-24 | 8.8 High |
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends customers to upgrade at the earliest opportunity. | ||||
CVE-2024-29175 | 1 Dell | 1 Data Domain Operating System | 2024-09-23 | 5.9 Medium |
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session information. |