Filtered by vendor Dell
Subscribe
Total
1526 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-28977 | 1 Dell | 1 Repository Manager | 2025-01-21 | N/A | 3.3 LOW |
| Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application. | |||||
| CVE-2024-37130 | 1 Dell | 1 Openmanage Server Administrator | 2025-01-09 | N/A | 7.3 HIGH |
| Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise. | |||||
| CVE-2024-29170 | 1 Dell | 1 Powerscale Onefs | 2025-01-08 | N/A | 8.1 HIGH |
| Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials vulnerability. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service. | |||||
| CVE-2024-0156 | 1 Dell | 1 Digital Delivery | 2025-01-08 | N/A | 7.0 HIGH |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. | |||||
| CVE-2024-0155 | 1 Dell | 1 Digital Delivery | 2025-01-08 | N/A | 7.0 HIGH |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code. | |||||
| CVE-2024-42427 | 1 Dell | 1 Wyse Thinos | 2024-12-20 | N/A | 7.6 HIGH |
| Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||||
| CVE-2024-42424 | 1 Dell | 4 7920 Xl Rack, 7920 Xl Rack Firmware, Precision 7920 Rack and 1 more | 2024-12-20 | N/A | 5.3 MEDIUM |
| Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-38304 | 1 Dell | 62 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 59 more | 2024-12-20 | N/A | 3.8 LOW |
| Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-38303 | 1 Dell | 62 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 59 more | 2024-12-20 | N/A | 5.3 MEDIUM |
| Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-39584 | 1 Dell | 40 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R13 and 37 more | 2024-12-20 | N/A | 8.2 HIGH |
| Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution. | |||||
| CVE-2023-43078 | 1 Dell | 695 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 692 more | 2024-12-19 | N/A | 6.7 MEDIUM |
| Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service. | |||||
| CVE-2022-34398 | 1 Dell | 478 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 475 more | 2024-12-19 | N/A | 7.5 HIGH |
| Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. | |||||
| CVE-2024-48016 | 1 Dell | 1 Secure Connect Gateway | 2024-12-13 | N/A | 4.6 MEDIUM |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use exposed credentials to access the system with privileges of the compromised account. | |||||
| CVE-2024-47241 | 1 Dell | 1 Secure Connect Gateway | 2024-12-13 | N/A | 5.5 MEDIUM |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access and modification of transmitted data. | |||||
| CVE-2024-22457 | 1 Dell | 1 Secure Connect Gateway | 2024-12-04 | N/A | 7.1 HIGH |
| Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this vulnerability, leading to impersonation of the server through presenting a fake self-signed certificate and communicating with the remote server. | |||||
| CVE-2024-22458 | 1 Dell | 1 Secure Connect Gateway | 2024-12-04 | N/A | 3.7 LOW |
| Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext. | |||||
| CVE-2024-45766 | 1 Dell | 1 Openmanage Enterprise | 2024-12-02 | N/A | 8.0 HIGH |
| Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution. | |||||
| CVE-2024-45767 | 1 Dell | 1 Openmanage Enterprise | 2024-12-02 | N/A | 4.3 MEDIUM |
| Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-48010 | 1 Dell | 1 Data Domain Operating System | 2024-11-26 | N/A | 6.5 MEDIUM |
| Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. | |||||
| CVE-2024-39576 | 1 Dell | 1 Power Manager | 2024-11-26 | N/A | 8.8 HIGH |
| Dell Power Manager (DPM), versions 3.15.0 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges. | |||||