Filtered by vendor Dell
Subscribe
Total
1199 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43071 | 1 Dell | 1 Smartfabric Storage Software | 2024-11-21 | N/A | 4.4 MEDIUM |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks. | |||||
| CVE-2023-43070 | 1 Dell | 1 Smartfabric Storage Software | 2024-11-21 | N/A | 6.3 MEDIUM |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. A remote authenticated attacker could potentially exploit this vulnerability, leading to modify or write arbitrary files to arbitrary locations in the license container. | |||||
| CVE-2023-43069 | 1 Dell | 1 Smartfabric Storage Software | 2024-11-21 | N/A | 7.8 HIGH |
| Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker. | |||||
| CVE-2023-43068 | 1 Dell | 1 Smartfabric Storage Software | 2024-11-21 | N/A | 7.8 HIGH |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands. | |||||
| CVE-2023-43067 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-11-21 | N/A | 4.9 MEDIUM |
| Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vulnerability disclosing local files in the file system. | |||||
| CVE-2023-43066 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-11-21 | N/A | 5.1 MEDIUM |
| Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands. | |||||
| CVE-2023-43065 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-11-21 | N/A | 5.5 MEDIUM |
| Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these issues to obtain escalated privileges. | |||||
| CVE-2023-3039 | 1 Dell | 1 Sd Rom Utility | 2024-11-21 | N/A | 7.3 HIGH |
| SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. | |||||
| CVE-2023-39259 | 1 Dell | 1 Os Recovery Tool | 2024-11-21 | N/A | 7.3 HIGH |
| Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability, leading to the elevation of privilege on the system. | |||||
| CVE-2023-39257 | 1 Dell | 1 Rugged Control Center | 2024-11-21 | N/A | 7.3 HIGH |
| Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder when product installation repair is performed, leading to privilege escalation on the system. | |||||
| CVE-2023-39256 | 1 Dell | 1 Rugged Control Center | 2024-11-21 | N/A | 7.3 HIGH |
| Dell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder during product installation and upgrade, leading to privilege escalation on the system. | |||||
| CVE-2023-39253 | 1 Dell | 1 Os Recovery Tool | 2024-11-21 | N/A | 7.3 HIGH |
| Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability, leading to the elevation of privilege on the system. | |||||
| CVE-2023-39252 | 1 Dell | 1 Secure Connect Gateway Policy Manager | 2024-11-21 | N/A | 5.9 MEDIUM |
| Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. | |||||
| CVE-2023-39251 | 1 Dell | 26 Inspiron 7510, Inspiron 7510 Firmware, Inspiron 7610 and 23 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system. | |||||
| CVE-2023-39250 | 1 Dell | 3 Replay Manager For Vmware, Storage Integration Tools For Vmware, Storage Vsphere Client Plugin | 2024-11-21 | N/A | 7.8 HIGH |
| Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. | |||||
| CVE-2023-39249 | 1 Dell | 1 Supportassist For Home Pcs | 2024-11-21 | N/A | 6.3 MEDIUM |
| Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. The Run as Admin temporary privilege feature enables IT/System Administrators to perform driver scans and Dell-recommended driver installations without requiring them to log out of the local non-admin user session. However, the granted privilege is limited solely to the SupportAssist User Interface and automatically expires after 15 minutes. | |||||
| CVE-2023-39248 | 1 Dell | 1 Networking Os10 | 2024-11-21 | N/A | 7.5 HIGH |
| Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network users. This is a high severity vulnerability as it allows an attacker to cause an outage of network. Dell recommends customers to upgrade at the earliest opportunity. | |||||
| CVE-2023-39246 | 2 Dell, Microsoft | 4 Encryption, Endpoint Security Suite Enterprise, Security Management Server and 1 more | 2024-11-21 | N/A | 4.6 MEDIUM |
| Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | |||||
| CVE-2023-32495 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | N/A | 7.8 HIGH |
| Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges. | |||||
| CVE-2023-32494 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also. | |||||