Filtered by vendor Dell
Subscriptions
Total
1101 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2001-1105 | 2 Cisco, Dell | 2 Icdn, Bsafe Ssl-j | 2024-11-20 | N/A |
RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure. | ||||
CVE-2024-48837 | 1 Dell | 1 Smartfabric Os10 | 2024-11-18 | 7.8 High |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution | ||||
CVE-2024-49557 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | 7.8 High |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
CVE-2024-48838 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | 3.3 Low |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker. | ||||
CVE-2024-49558 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | 7.8 High |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
CVE-2024-49560 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | 7.8 High |
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | ||||
CVE-2024-45764 | 1 Dell | 2 Enterprise Sonic Distribution, Enterprise Sonic Os | 2024-11-13 | 9 Critical |
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity. | ||||
CVE-2024-45765 | 1 Dell | 2 Enterprise Sonic Distribution, Enterprise Sonic Os | 2024-11-13 | 9.1 Critical |
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a critical severity vulnerability as it allows high privilege OS commands to be executed with a less privileged role; so Dell recommends customers to upgrade at the earliest opportunity. | ||||
CVE-2024-45763 | 1 Dell | 1 Enterprise Sonic Distribution | 2024-11-13 | 9.1 Critical |
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity. | ||||
CVE-2024-47481 | 1 Dell | 1 Data Lakehouse | 2024-10-31 | 6.5 Medium |
Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Denial of service. | ||||
CVE-2024-47483 | 1 Dell | 1 Data Lakehouse | 2024-10-31 | 2.9 Low |
Dell Data Lakehouse, version(s) 1.0.0.0 and 1.1.0.0, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
CVE-2024-47240 | 1 Dell | 1 Secure Connect Gateway | 2024-10-22 | 5.5 Medium |
Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and cause a version update failure condition. | ||||
CVE-2024-39586 | 1 Dell | 1 Emc Appsync | 2024-10-17 | 2.9 Low |
Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure. | ||||
CVE-2024-42423 | 2 Citrix, Dell | 2 Workspace, Thinos | 2024-09-20 | 6.1 Medium |
Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering. | ||||
CVE-2024-38483 | 1 Dell | 83 Embedded Box Pc 5000, Embedded Box Pc 5000 Firmware, Latitude 12 Rugged Extreme 7214 and 80 more | 2024-09-18 | 5.8 Medium |
Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
CVE-2024-39585 | 1 Dell | 1 Smartfabric Os10 | 2024-09-17 | 7.9 High |
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an Use of Hard-coded Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Client-side request forgery and Information disclosure. | ||||
CVE-2024-39574 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 6.7 Medium |
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | ||||
CVE-2024-39581 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 7.3 High |
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files. | ||||
CVE-2024-42425 | 1 Dell | 4 7920 Xl, 7920 Xl Firmware, Precision 7920 and 1 more | 2024-09-16 | 3.8 Low |
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
CVE-2024-39583 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 8.1 High |
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. |