Filtered by vendor Dell
Subscribe
Total
1434 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-39245 | 1 Dell | 1 Enterprise Storage Integrator For Sap Landscape Management | 2025-01-23 | N/A | 9.8 CRITICAL |
| DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information disclosure vulnerability in EHAC component. An remote unauthenticated attacker could potentially exploit this vulnerability by eavesdropping the network traffic to gain admin level credentials. | |||||
| CVE-2024-22425 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2025-01-23 | N/A | 6.5 MEDIUM |
| Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid users in an automated manner. | |||||
| CVE-2024-22426 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2025-01-23 | N/A | 7.2 HIGH |
| Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise. | |||||
| CVE-2024-51540 | 1 Dell | 1 Elastic Cloud Storage | 2025-01-21 | N/A | 8.1 HIGH |
| Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. An authenticated user with bucket or object-level access and the necessary privileges could potentially exploit this vulnerability to bypass retention policies and delete objects. | |||||
| CVE-2024-52534 | 1 Dell | 1 Elastic Cloud Storage | 2025-01-21 | N/A | 5.4 MEDIUM |
| Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Session theft. | |||||
| CVE-2024-28976 | 1 Dell | 1 Repository Manager | 2025-01-21 | N/A | 8.8 HIGH |
| Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access to the files stored on the server filesystem with the privileges of the running web application. | |||||
| CVE-2024-28977 | 1 Dell | 1 Repository Manager | 2025-01-21 | N/A | 3.3 LOW |
| Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application. | |||||
| CVE-2024-37130 | 1 Dell | 1 Openmanage Server Administrator | 2025-01-09 | N/A | 7.3 HIGH |
| Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise. | |||||
| CVE-2024-29170 | 1 Dell | 1 Powerscale Onefs | 2025-01-08 | N/A | 8.1 HIGH |
| Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials vulnerability. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service. | |||||
| CVE-2024-0156 | 1 Dell | 1 Digital Delivery | 2025-01-08 | N/A | 7.0 HIGH |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. | |||||
| CVE-2024-0155 | 1 Dell | 1 Digital Delivery | 2025-01-08 | N/A | 7.0 HIGH |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code. | |||||
| CVE-2024-42427 | 1 Dell | 1 Wyse Thinos | 2024-12-20 | N/A | 7.6 HIGH |
| Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||||
| CVE-2024-42424 | 1 Dell | 4 7920 Xl Rack, 7920 Xl Rack Firmware, Precision 7920 Rack and 1 more | 2024-12-20 | N/A | 5.3 MEDIUM |
| Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-38304 | 1 Dell | 62 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 59 more | 2024-12-20 | N/A | 3.8 LOW |
| Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-38303 | 1 Dell | 62 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 59 more | 2024-12-20 | N/A | 5.3 MEDIUM |
| Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-39584 | 1 Dell | 40 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R13 and 37 more | 2024-12-20 | N/A | 8.2 HIGH |
| Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution. | |||||
| CVE-2023-43078 | 1 Dell | 695 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 692 more | 2024-12-19 | N/A | 6.7 MEDIUM |
| Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service. | |||||
| CVE-2022-34398 | 1 Dell | 478 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 475 more | 2024-12-19 | N/A | 7.5 HIGH |
| Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. | |||||
| CVE-2024-48016 | 1 Dell | 1 Secure Connect Gateway | 2024-12-13 | N/A | 4.6 MEDIUM |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use exposed credentials to access the system with privileges of the compromised account. | |||||
| CVE-2024-47241 | 1 Dell | 1 Secure Connect Gateway | 2024-12-13 | N/A | 5.5 MEDIUM |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access and modification of transmitted data. | |||||