Filtered by vendor Dell
Subscribe
Total
1199 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23160 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 4.0 MEDIUM | 5.4 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to gaining write permissions on read-only files. | |||||
| CVE-2022-23159 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 4.0 MEDIUM | 4.8 MEDIUM |
| Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity. | |||||
| CVE-2022-23158 | 1 Dell | 1 Wyse Device Agent | 2024-11-21 | 2.1 LOW | 6.0 MEDIUM |
| Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server | |||||
| CVE-2022-23157 | 1 Dell | 1 Wyse Device Agent | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A authenticated malicious user could potentially exploit this vulnerability in order to view sensitive information from the WMS Server. | |||||
| CVE-2022-23156 | 1 Dell | 1 Wyse Device Agent | 2024-11-21 | 4.6 MEDIUM | 6.0 MEDIUM |
| Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server. | |||||
| CVE-2022-23155 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system. | |||||
| CVE-2022-22567 | 1 Dell | 428 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 425 more | 2024-11-21 | 3.6 LOW | 4.7 MEDIUM |
| Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware. | |||||
| CVE-2022-22566 | 1 Dell | 428 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 425 more | 2024-11-21 | 7.2 HIGH | 6.9 MEDIUM |
| Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device. | |||||
| CVE-2022-22565 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 5.5 MEDIUM | 4.7 MEDIUM |
| Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive data. | |||||
| CVE-2022-22564 | 1 Dell | 3 Emc Unity Operating Environment, Emc Unity Xt Operating Environment, Emc Unityvsa Operating Environment | 2024-11-21 | N/A | 5.9 MEDIUM |
| Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. | |||||
| CVE-2022-22563 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes. | |||||
| CVE-2022-22562 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability. | |||||
| CVE-2022-22561 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts. | |||||
| CVE-2022-22560 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 4.9 MEDIUM | 7.1 HIGH |
| Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline. | |||||
| CVE-2022-22559 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure. | |||||
| CVE-2022-22558 | 1 Dell | 40 C4130, C4130 Firmware, C6320 and 37 more | 2024-11-21 | 3.6 LOW | 5.7 MEDIUM |
| Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of service. | |||||
| CVE-2022-22557 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2024-11-21 | 7.2 HIGH | 7.5 HIGH |
| PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | |||||
| CVE-2022-22556 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2024-11-21 | 7.8 HIGH | 3.7 LOW |
| Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the Denial of Service. | |||||
| CVE-2022-22555 | 1 Dell | 10 Emc Powerstore 1200t, Emc Powerstore 1200t Firmware, Emc Powerstore 3200t and 7 more | 2024-11-21 | N/A | 6.0 MEDIUM |
| Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege. | |||||
| CVE-2022-22554 | 1 Dell | 1 Emc System Update | 2024-11-21 | 2.1 LOW | 8.2 HIGH |
| Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials vulnerability. A local attacker with user privleges could potentially exploit this vulnerability leading to the disclosure of user passwords. | |||||