Search Results (367102 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-29956 1 Broadcom 1 Brocade Sannav 2025-02-04 6.5 Medium
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav.
CVE-2024-29957 1 Broadcom 1 Brocade Sannav 2025-02-04 7.5 High
When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.
CVE-2024-29958 1 Broadcom 1 Brocade Sannav 2025-02-04 7.5 High
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption key.
CVE-2024-47480 1 Dell 1 Inventory Collector 2025-02-04 7.8 High
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege attacker with local access may exploit this vulnerability, potentially resulting in Elevation of Privileges and unauthorized file system access.
CVE-2024-52542 1 Dell 1 Appsync 2025-02-04 4.4 Medium
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering.
CVE-2024-47984 1 Dell 1 Recoverpoint For Virtual Machines 2025-02-04 4.4 Medium
Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with Remote access could potentially exploit this vulnerability, leading to the disruption of most functionalities of the RPA persistent after reboot, resulting in need of technical support intervention in getting system back to stable state.
CVE-2024-28980 1 Dell 1 Recoverpoint For Virtual Machines 2025-02-04 6.5 Medium
Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
CVE-2024-24902 1 Dell 1 Recoverpoint For Virtual Machines 2025-02-04 6.6 Medium
Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability. A low privileged local attacker could potentially exploit this vulnerability leading to gaining access to unauthorized data for a limited time.
CVE-2024-29959 1 Broadcom 1 Brocade Sannav 2025-02-04 8.6 High
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save.
CVE-2024-48008 1 Dell 1 Recoverpoint For Virtual Machines 2025-02-04 5.3 Medium
Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclosure ,allowing of unintended actions like reading files that may contain sensitive information
CVE-2024-29960 1 Broadcom 1 Brocade Sannav 2025-02-04 6.8 Medium
In Brocade SANnav server before v2.3.1 and v2.3.0a, the SSH keys inside the OVA image are identical in the VM every time SANnav is installed. Any Brocade SAnnav VM based on the official OVA images is vulnerable to MITM over SSH. An attacker can decrypt and compromise the SSH traffic to the SANnav.
CVE-2024-38488 1 Dell 1 Recoverpoint For Virtual Machines 2025-02-04 6.5 Medium
Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of Excessive Authentication vulnerability where a Network attacker could potentially exploit this vulnerability, leading to a brute force attack or a dictionary attack against the RecoverPoint login form and a complete system compromise. This allows attackers to brute-force the password of valid users in an automated manner.
CVE-2024-22461 1 Dell 1 Recoverpoint For Virtual Machines 2025-02-04 8.8 High
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentially exploit this vulnerability by running any command as root, leading to gaining of root-level access and compromise of complete system.
CVE-2024-47238 1 Dell 16 Edge Gateway 3000, Edge Gateway 3000 Firmware, Edge Gateway 3001 and 13 more 2025-02-04 7.5 High
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.
CVE-2024-29961 1 Broadcom 1 Brocade Sannav 2025-02-04 8.2 High
A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. It allows a Brocade SANnav service to send ping commands in the background at regular intervals to gridgain.com to check if updates are available for the Component. This could make an unauthenticated, remote attacker aware of the behavior and launch a supply-chain attack against a Brocade SANnav appliance.
CVE-2025-22394 1 Dell 1 Display Manager 2025-02-04 6.7 Medium
Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation.
CVE-2024-29963 1 Broadcom 1 Brocade Sannav 2025-02-04 1.9 Low
Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries.
CVE-2025-21101 1 Dell 1 Display Manager 2025-02-04 6.6 Medium
Dell Display Manager, versions prior to 2.3.2.20, contain a race condition vulnerability. A local malicious user could potentially exploit this vulnerability during installation, leading to arbitrary folder or file deletion.
CVE-2025-22395 1 Dell 1 Update Package Framework 2025-02-04 8.2 High
Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a denial of service by an attacker.
CVE-2024-29962 1 Broadcom 1 Brocade Sannav 2025-02-04 5.5 Medium
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary.