Filtered by vendor Dell
Subscriptions
Total
1021 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4401 | 1 Dell | 1 Smartfabric Storage Software | 2024-09-19 | 7.8 High |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access. | ||||
| CVE-2023-43068 | 1 Dell | 1 Smartfabric Storage Software | 2024-09-19 | 7.8 High |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands. | ||||
| CVE-2023-43069 | 1 Dell | 1 Smartfabric Storage Software | 2024-09-19 | 7.8 High |
| Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker. | ||||
| CVE-2023-43070 | 1 Dell | 1 Smartfabric Storage Software | 2024-09-19 | 6.3 Medium |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. A remote authenticated attacker could potentially exploit this vulnerability, leading to modify or write arbitrary files to arbitrary locations in the license container. | ||||
| CVE-2023-43071 | 1 Dell | 1 Smartfabric Storage Software | 2024-09-19 | 4.4 Medium |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks. | ||||
| CVE-2023-43072 | 1 Dell | 1 Smartfabric Storage Software | 2024-09-19 | 4.4 Medium |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands. | ||||
| CVE-2023-43073 | 1 Dell | 1 Smartfabric Storage Software | 2024-09-19 | 4.3 Medium |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data. | ||||
| CVE-2023-32485 | 1 Dell | 1 Smartfabric Storage Software | 2024-09-19 | 9.8 Critical |
| Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity. | ||||
| CVE-2024-32859 | 1 Dell | 48 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R10 and 45 more | 2024-09-19 | 7.5 High |
| Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2024-38483 | 1 Dell | 83 Embedded Box Pc 5000, Embedded Box Pc 5000 Firmware, Latitude 12 Rugged Extreme 7214 and 80 more | 2024-09-18 | 5.8 Medium |
| Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2024-28970 | 1 Dell | 28 G7 7500, G7 7500 Firmware, G7 7700 and 25 more | 2024-09-18 | 4.7 Medium |
| Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service. | ||||
| CVE-2021-21551 | 1 Dell | 1 Dbutil 2 3.sys | 2024-09-17 | 8.8 High |
| Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. | ||||
| CVE-2024-22221 | 1 Dell | 1 Unity Operating Environment | 2024-09-17 | 4.5 Medium |
| Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. An authenticated attacker could potentially exploit this vulnerability, leading to exposure of sensitive information. | ||||
| CVE-2023-43067 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-09-17 | 4.9 Medium |
| Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vulnerability disclosing local files in the file system. | ||||
| CVE-2021-36282 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 2.5 Low |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to gain access up to 24 bytes of data within the /ifs kernel stack under certain conditions. | ||||
| CVE-2020-29503 | 1 Dell | 1 Emc Powerstore | 2024-09-17 | 4.1 Medium |
| Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system directory. | ||||
| CVE-2022-33926 | 1 Dell | 1 Wyse Management Suite | 2024-09-17 | 7.1 High |
| Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked. | ||||
| CVE-2018-1187 | 1 Dell | 1 Emc Isilon | 2024-09-17 | N/A |
| Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6 is affected by a cross-site scripting vulnerability in the Network Configuration page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website. | ||||
| CVE-2022-26868 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2024-09-17 | 6.4 Medium |
| Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system takeover by an attacker. | ||||
| CVE-2021-21598 | 1 Dell | 4 Wyse 3040 Thin Client, Wyse 5070 Thin Client, Wyse 5470 Thin Client and 1 more | 2024-09-17 | 3.9 Low |
| Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. An authenticated attacker with physical access to the system could exploit this vulnerability to read sensitive Smartcard data in log files. | ||||