Filtered by vendor Dell
Subscribe
Total
1013 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-32491 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-02-28 | N/A | 7.8 HIGH |
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM. | |||||
CVE-2022-34394 | 1 Dell | 1 Smartfabric Os10 | 2024-02-28 | N/A | 3.7 LOW |
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information. | |||||
CVE-2022-31228 | 1 Dell | 3 Xtremio Management Server, Xtremio X1, Xtremio X2 | 2024-02-28 | N/A | 9.8 CRITICAL |
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. A remote unauthenticated attacker can potentially exploit this vulnerability and gain access to an admin account. | |||||
CVE-2022-31232 | 1 Dell | 1 Smartfabric Storage Software | 2024-02-28 | N/A | 9.8 CRITICAL |
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system. | |||||
CVE-2022-32489 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-02-28 | N/A | 7.8 HIGH |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
CVE-2022-26861 | 1 Dell | 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more | 2024-02-28 | N/A | 7.8 HIGH |
Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM. | |||||
CVE-2022-33932 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 5.3 MEDIUM |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. | |||||
CVE-2022-33937 | 1 Dell | 1 Geodrive | 2024-02-28 | N/A | 7.1 HIGH |
Dell GeoDrive, Versions 1.0 - 2.2, contain a Path Traversal Vulnerability in the reporting function. A local, low privileged attacker could potentially exploit this vulnerability, to gain unauthorized delete access to the files stored on the server filesystem, with the privileges of the GeoDrive service: NT AUTHORITY\SYSTEM. | |||||
CVE-2022-33923 | 1 Dell | 10 Emc Powerstore 1200t, Emc Powerstore 1200t Firmware, Emc Powerstore 3200t and 7 more | 2024-02-28 | N/A | 7.8 HIGH |
Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker. | |||||
CVE-2022-34371 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 9.8 CRITICAL |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise. | |||||
CVE-2022-34427 | 1 Dell | 1 Container Storage Modules | 2024-02-28 | N/A | 8.8 HIGH |
Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution. | |||||
CVE-2022-22555 | 1 Dell | 10 Emc Powerstore 1200t, Emc Powerstore 1200t Firmware, Emc Powerstore 3200t and 7 more | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege. | |||||
CVE-2022-34438 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters. | |||||
CVE-2022-34431 | 1 Dell | 1 Hybrid Client | 2024-02-28 | N/A | 6.5 MEDIUM |
Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially exploit this vulnerability, leading to DHC system not being accessible. | |||||
CVE-2022-34367 | 1 Dell | 1 Emc Data Protection Central | 2024-02-28 | N/A | 8.8 HIGH |
Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A(n) remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations. | |||||
CVE-2022-34368 | 1 Dell | 1 Emc Networker | 2024-02-28 | N/A | 6.5 MEDIUM |
Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources. | |||||
CVE-2022-22566 | 1 Dell | 428 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 425 more | 2024-02-28 | 7.2 HIGH | 7.2 HIGH |
Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device. | |||||
CVE-2022-26851 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss. | |||||
CVE-2022-23161 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service. | |||||
CVE-2022-24424 | 1 Dell | 1 Emc Appsync | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. |