Filtered by vendor Dell
Subscribe
Total
1199 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31226 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 7.1 HIGH |
| Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system. | |||||
| CVE-2022-31225 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 3.0 LOW |
| Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures. | |||||
| CVE-2022-31224 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 2.0 LOW |
| Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior of the system. | |||||
| CVE-2022-31223 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 2.3 LOW |
| Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by sending unexpected null bytes in order to read memory on the system. | |||||
| CVE-2022-31222 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 2.3 LOW |
| Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash. | |||||
| CVE-2022-31221 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 2.3 LOW |
| Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order access sensitive state information on the system. | |||||
| CVE-2022-31220 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 3.0 LOW |
| Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures. | |||||
| CVE-2022-29098 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 5.0 MEDIUM | 8.1 HIGH |
| Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this leading to a user account compromise. | |||||
| CVE-2022-29097 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | |||||
| CVE-2022-29096 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 3.5 LOW | 6.1 MEDIUM |
| Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | |||||
| CVE-2022-29095 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | 7.6 HIGH | 8.3 HIGH |
| Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripting vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability under specific conditions leading to execution of malicious code on a vulnerable system. | |||||
| CVE-2022-29094 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite vulnerability. Authenticated non-admin user could exploit the issue and delete or overwrite arbitrary files on the system. | |||||
| CVE-2022-29093 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability. Authenticated non-admin user could exploit the issue and delete arbitrary files on the system. | |||||
| CVE-2022-29092 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system. | |||||
| CVE-2022-29091 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. An Unauthenticated Remote Attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | |||||
| CVE-2022-29090 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 8.5 HIGH |
| Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. A low privileged malicious user could potentially exploit this vulnerability in order to obtain credentials. The attacker may be able to use the exposed credentials to access the target device and perform unauthorized actions. | |||||
| CVE-2022-29089 | 1 Dell | 1 Smartfabric Os10 | 2024-11-21 | N/A | 6.4 MEDIUM |
| Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. | |||||
| CVE-2022-29085 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-11-21 | 4.6 MEDIUM | 6.4 MEDIUM |
| Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user. | |||||
| CVE-2022-29084 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-11-21 | 10.0 HIGH | 8.1 HIGH |
| Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account takeover is possible if weak passwords are used by users. | |||||
| CVE-2022-29083 | 1 Dell | 216 Chengming 3980, Chengming 3980 Firmware, Chengming 3990 and 213 more | 2024-11-21 | N/A | 6.8 MEDIUM |
| Prior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability by bypassing drive security mechanisms in order to gain access to the system. | |||||