Filtered by vendor Dell
Subscribe
Total
1013 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32482 | 1 Dell | 378 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 375 more | 2024-02-28 | N/A | 5.1 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-23692 | 1 Dell | 1 Emc Data Domain Os | 2024-02-28 | N/A | 8.8 HIGH |
| Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. | |||||
| CVE-2022-34377 | 1 Dell | 160 C4130, C4130 Firmware, C4140 and 157 more | 2024-02-28 | N/A | 6.7 MEDIUM |
| Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. | |||||
| CVE-2022-34410 | 1 Dell | 160 C4130, C4130 Firmware, C4140 and 157 more | 2024-02-28 | N/A | 6.7 MEDIUM |
| Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. | |||||
| CVE-2022-45098 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 5.5 MEDIUM |
| Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure. | |||||
| CVE-2023-23696 | 1 Dell | 1 Command \| Intel Vpro Out Of Band | 2024-02-28 | N/A | 7.8 HIGH |
| Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system. | |||||
| CVE-2023-23690 | 1 Dell | 1 Cloud Mobility For Dell Emc Storage | 2024-02-28 | N/A | 7.0 HIGH |
| Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attacker could perform a man-in-the-middle attack and eavesdrop on encrypted communications from Cloud Mobility to Cloud Storage devices. Exploitation could lead to the compromise of secret and sensitive information, cloud storage connection downtime, and the integrity of the connection to the Cloud devices. | |||||
| CVE-2023-23697 | 1 Dell | 1 Command \| Intel Vpro Out Of Band | 2024-02-28 | N/A | 3.3 LOW |
| Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | |||||
| CVE-2022-34448 | 1 Dell | 1 Powerpath Management Appliance | 2024-02-28 | N/A | 8.8 HIGH |
| PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions. | |||||
| CVE-2022-34447 | 1 Dell | 1 Powerpath Management Appliance | 2024-02-28 | N/A | 7.2 HIGH |
| PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user. | |||||
| CVE-2022-33934 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 4.8 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields. | |||||
| CVE-2022-34451 | 1 Dell | 1 Powerpath Management Appliance | 2024-02-28 | N/A | 4.8 MEDIUM |
| PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to the server. | |||||
| CVE-2022-34397 | 1 Dell | 3 Evasa Provider Virtual Appliance, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2024-02-28 | N/A | 5.7 MEDIUM |
| Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized. | |||||
| CVE-2022-34446 | 1 Dell | 1 Powerpath Management Appliance | 2024-02-28 | N/A | 8.1 HIGH |
| PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration. | |||||
| CVE-2022-34441 | 1 Dell | 1 Emc Secure Connect Gateway Policy Manager | 2024-02-28 | N/A | 9.8 CRITICAL |
| Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges. | |||||
| CVE-2022-34459 | 1 Dell | 3 Alienware Update, Command Update, Update | 2024-02-28 | N/A | 7.8 HIGH |
| Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution. | |||||
| CVE-2022-46677 | 1 Dell | 1 Wyse Management Suite | 2024-02-28 | N/A | 4.9 MEDIUM |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized. | |||||
| CVE-2022-34376 | 1 Dell | 160 C4130, C4130 Firmware, C4140 and 157 more | 2024-02-28 | N/A | 5.5 MEDIUM |
| Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. | |||||
| CVE-2022-34364 | 1 Dell | 1 Bsafe Ssl-j | 2024-02-28 | N/A | 4.4 MEDIUM |
| Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. . | |||||
| CVE-2022-34403 | 1 Dell | 166 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 163 more | 2024-02-28 | N/A | 8.8 HIGH |
| Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM. | |||||