Filtered by vendor Dell
Subscriptions
Total
1021 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25937 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-08-02 | 5.1 Medium |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | ||||
| CVE-2023-25934 | 1 Dell | 1 Elastic Cloud Storage | 2024-08-02 | 5.9 Medium |
| DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request. | ||||
| CVE-2023-25540 | 1 Dell | 1 Emc Powerscale Onefs | 2024-08-02 | 6 Medium |
| Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service. | ||||
| CVE-2023-25543 | 1 Dell | 1 Power Manager | 2024-08-02 | 7.8 High |
| Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to elevate privileges on the system. | ||||
| CVE-2023-25539 | 2 Dell, Linux | 2 Networker, Linux Kernel | 2024-08-02 | 8.4 High |
| Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. This is a high severity vulnerability as the exploitation allows an attacker to take complete control of a system, so Dell recommends customers to upgrade at the earliest opportunity. | ||||
| CVE-2023-25542 | 1 Dell | 1 Trusted Device Agent | 2024-08-02 | 7 High |
| Dell Trusted Device Agent, versions prior to 5.3.0, contain(s) an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges. | ||||
| CVE-2023-25536 | 1 Dell | 1 Powerscale Onefs | 2024-08-02 | 6.7 Medium |
| Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover. | ||||
| CVE-2023-25544 | 1 Dell | 1 Emc Networker | 2024-08-02 | 7.5 High |
| Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. | ||||
| CVE-2023-25537 | 1 Dell | 60 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 57 more | 2024-08-02 | 6.1 Medium |
| Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege. | ||||
| CVE-2023-24569 | 1 Dell | 1 Alienware Command Center | 2024-08-02 | 7.8 High |
| Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. | ||||
| CVE-2023-24574 | 1 Dell | 1 Enterprise Sonic Distribution | 2024-08-02 | 7.5 High |
| Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users. | ||||
| CVE-2023-24576 | 1 Dell | 1 Emc Networker | 2024-08-02 | 7.5 High |
| EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used. | ||||
| CVE-2023-24575 | 1 Dell | 1 Multifunction Printer E525w Driver And Software Suite | 2024-08-02 | 7.8 High |
| Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system | ||||
| CVE-2023-24571 | 1 Dell | 2 Embedded Box Pc 3000, Embedded Box Pc 3000 Firmware | 2024-08-02 | 7.5 High |
| Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution. | ||||
| CVE-2023-24568 | 1 Dell | 1 Networker | 2024-08-02 | 5 Medium |
| Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates. | ||||
| CVE-2023-24567 | 1 Dell | 1 Emc Networker | 2024-08-02 | 7.5 High |
| Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. | ||||
| CVE-2023-24572 | 1 Dell | 1 Command \| Integration Suite For System Center | 2024-08-02 | 4.7 Medium |
| Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | ||||
| CVE-2023-24573 | 1 Dell | 1 Command \| Monitor | 2024-08-02 | 4.7 Medium |
| Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | ||||
| CVE-2023-23693 | 1 Dell | 1 Vxrail Hyperconverged Infrastructure | 2024-08-02 | 6.7 Medium |
| Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. | ||||
| CVE-2023-23690 | 1 Dell | 1 Cloud Mobility For Dell Emc Storage | 2024-08-02 | 7 High |
| Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attacker could perform a man-in-the-middle attack and eavesdrop on encrypted communications from Cloud Mobility to Cloud Storage devices. Exploitation could lead to the compromise of secret and sensitive information, cloud storage connection downtime, and the integrity of the connection to the Cloud devices. | ||||