Filtered by vendor Dell Subscriptions
Total 1056 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-33921 1 Dell 1 Geodrive 2024-09-16 7 High
Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.
CVE-2022-34379 1 Dell 1 Cloudlink 2024-09-16 9.4 Critical
Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attacker, with the knowledge of the active directory usernames, could potentially exploit this vulnerability to gain unauthorized access to the system.
CVE-2020-29495 1 Dell 2 Emc Avamar Server, Emc Integrated Data Protection Appliance 2024-09-16 10 Critical
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high privileges. This vulnerability is considered critical as it can be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity.
CVE-2022-33937 1 Dell 1 Geodrive 2024-09-16 7.1 High
Dell GeoDrive, Versions 1.0 - 2.2, contain a Path Traversal Vulnerability in the reporting function. A local, low privileged attacker could potentially exploit this vulnerability, to gain unauthorized delete access to the files stored on the server filesystem, with the privileges of the GeoDrive service: NT AUTHORITY\SYSTEM.
CVE-2024-39574 1 Dell 2 Insightiq, Powerscale Insightiq 2024-09-16 6.7 Medium
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.
CVE-2024-39581 1 Dell 2 Insightiq, Powerscale Insightiq 2024-09-16 7.3 High
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files.
CVE-2024-42425 1 Dell 4 7920 Xl, 7920 Xl Firmware, Precision 7920 and 1 more 2024-09-16 3.8 Low
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2024-39583 1 Dell 2 Insightiq, Powerscale Insightiq 2024-09-16 8.1 High
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-39580 1 Dell 2 Insightiq, Powerscale Insightiq 2024-09-16 6.7 Medium
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-39582 1 Dell 1 Insightiq 2024-09-16 2.3 Low
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2024-38486 1 Dell 1 Smartfabric Os10 2024-09-13 7.5 High
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
CVE-2023-43066 1 Dell 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment 2024-09-11 5.1 Medium
Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands.
CVE-2023-43065 1 Dell 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment 2024-09-11 5.5 Medium
Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these issues to obtain escalated privileges.
CVE-2023-32466 1 Dell 2 Edge Gateway 3200, Edge Gateway 3200 Firmware 2024-09-11 5.7 Medium
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege.
CVE-2023-43074 1 Dell 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment 2024-09-11 5.2 Medium
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.
CVE-2023-32471 1 Dell 20 Edge Gateway 3200, Edge Gateway 3200 Firmware, Edge Gateway 5200 and 17 more 2024-09-11 6 Medium
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits.
CVE-2023-32467 1 Dell 12 Chengming 3977, Chengming 3977 Firmware, Edge Gateway 3200 and 9 more 2024-09-10 5.7 Medium
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege.
CVE-2024-42427 1 Dell 1 Wyse Proprietary Os 2024-09-10 7.6 High
Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-37136 1 Dell 1 Path To Powerprotect 2024-09-05 6.8 Medium
Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal Information to an Unauthorized Actor vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information exposure.
CVE-2023-43087 1 Dell 1 Powerscale Onefs 2024-09-05 4.3 Medium
Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure.