Filtered by vendor Dell
Subscriptions
Total
1057 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-44304 | 1 Dell | 2 Dm5500, Dm5500 Firmware | 2024-11-21 | 8.8 High |
Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gain root access to the appliance. | ||||
CVE-2023-44284 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-11-21 | 4.3 Medium |
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized read access to application data. | ||||
CVE-2024-48837 | 1 Dell | 1 Smartfabric Os10 | 2024-11-18 | 7.8 High |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution | ||||
CVE-2024-49557 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | 7.8 High |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
CVE-2024-48838 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | 3.3 Low |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker. | ||||
CVE-2024-49558 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | 7.8 High |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
CVE-2024-49560 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | 7.8 High |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | ||||
CVE-2024-22428 | 1 Dell | 1 Emc Idrac Service Module | 2024-11-13 | 7 High |
Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity. | ||||
CVE-2024-45764 | 1 Dell | 2 Enterprise Sonic Distribution, Enterprise Sonic Os | 2024-11-13 | 9 Critical |
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity. | ||||
CVE-2024-45765 | 1 Dell | 2 Enterprise Sonic Distribution, Enterprise Sonic Os | 2024-11-13 | 9.1 Critical |
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a critical severity vulnerability as it allows high privilege OS commands to be executed with a less privileged role; so Dell recommends customers to upgrade at the earliest opportunity. | ||||
CVE-2024-45763 | 1 Dell | 1 Enterprise Sonic Distribution | 2024-11-13 | 9.1 Critical |
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity. | ||||
CVE-2024-48010 | 1 Dell | 4 Apex Protection Storage, Emc Data Domain Os, Powerprotect Data Domain and 1 more | 2024-11-08 | 6.5 Medium |
Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. | ||||
CVE-2023-28061 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-08 | 5.1 Medium |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | ||||
CVE-2023-28042 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-08 | 5.1 Medium |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | ||||
CVE-2023-28035 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-08 | 5.1 Medium |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | ||||
CVE-2023-28041 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-08 | 5.1 Medium |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | ||||
CVE-2023-32463 | 1 Dell | 90 Vxrail D560, Vxrail D560 Firmware, Vxrail D560f and 87 more | 2024-11-08 | 3.4 Low |
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction. | ||||
CVE-2023-32464 | 1 Dell | 90 Vxrail D560, Vxrail D560 Firmware, Vxrail D560f and 87 more | 2024-11-08 | 2.7 Low |
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit. | ||||
CVE-2023-28052 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-08 | 5.1 Medium |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | ||||
CVE-2023-25936 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-08 | 5.1 Medium |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |