Total
74 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37138 | 1 Dell | 1 Data Domain Operating System | 2026-06-17 | N/A | 4.1 MEDIUM |
| Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the managed system. | |||||
| CVE-2024-29177 | 1 Dell | 1 Data Domain Operating System | 2026-06-17 | N/A | 2.7 LOW |
| Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the reuse of disclosed information to gain unauthorized access to the application report. | |||||
| CVE-2024-29176 | 1 Dell | 10 Apex Protection Storage, Data Domain Operating System, Dd3300 and 7 more | 2026-06-17 | N/A | 8.8 HIGH |
| Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution. | |||||
| CVE-2024-29175 | 1 Dell | 1 Data Domain Operating System | 2026-06-17 | N/A | 5.9 MEDIUM |
| Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session information. | |||||
| CVE-2024-29174 | 1 Dell | 1 Data Domain Operating System | 2026-06-17 | N/A | 4.4 MEDIUM |
| Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized access to application data. | |||||
| CVE-2024-29173 | 1 Dell | 10 Apex Protection Storage, Data Domain Operating System, Dd3300 and 7 more | 2026-06-17 | N/A | 6.8 MEDIUM |
| Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote client. | |||||
| CVE-2024-28973 | 1 Dell | 9 Data Domain Operating System, Dd3300, Dd6400 and 6 more | 2026-06-17 | N/A | 5.9 MEDIUM |
| Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Stored Cross-Site Scripting Vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a high privileged victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery | |||||
| CVE-2026-35154 | 1 Dell | 1 Data Domain Operating System | 2026-05-11 | N/A | 6.3 MEDIUM |
| Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation. | |||||
| CVE-2026-23853 | 1 Dell | 2 Data Domain Operating System, Powerprotect Dp Series Appliance | 2026-05-08 | N/A | 8.4 HIGH |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to the system. | |||||
| CVE-2026-35072 | 1 Dell | 2 Data Domain Operating System, Powerprotect Dp Series Appliance | 2026-05-08 | N/A | 6.7 MEDIUM |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command ('OS command injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |||||
| CVE-2026-35073 | 1 Dell | 1 Data Domain Operating System | 2026-05-08 | N/A | 6.7 MEDIUM |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |||||
| CVE-2026-35074 | 1 Dell | 2 Data Domain Operating System, Powerprotect Dp Series Appliance | 2026-05-08 | N/A | 6.7 MEDIUM |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS Command Injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |||||
| CVE-2026-35153 | 1 Dell | 2 Data Domain Operating System, Powerprotect Dp Series Appliance | 2026-05-08 | N/A | 6.7 MEDIUM |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of argument delimiters in a command ('argument injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |||||
| CVE-2025-46605 | 1 Dell | 1 Data Domain Operating System | 2026-05-08 | N/A | 6.2 MEDIUM |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain a session fixation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |||||
| CVE-2025-46606 | 1 Dell | 1 Data Domain Operating System | 2026-05-08 | N/A | 6.2 MEDIUM |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper restriction of excessive authentication attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |||||
| CVE-2026-28263 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-05 | N/A | 5.9 MEDIUM |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a cross-site Scripting vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. | |||||
| CVE-2026-23777 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-05 | N/A | 4.3 MEDIUM |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an exposure of sensitive information to an unauthorized actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information exposure. | |||||
| CVE-2025-46641 | 1 Dell | 1 Data Domain Operating System | 2026-05-05 | N/A | 6.6 MEDIUM |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |||||
| CVE-2025-46607 | 1 Dell | 1 Data Domain Operating System | 2026-05-05 | N/A | 6.6 MEDIUM |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |||||
| CVE-2026-26951 | 1 Dell | 2 Data Domain Operating System, Powerprotect Dp Series Appliance | 2026-04-28 | N/A | 6.7 MEDIUM |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | |||||