Filtered by vendor Dell
Subscribe
Total
1045 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-39574 | 1 Dell | 1 Insightiq | 2024-09-16 | N/A | 4.4 MEDIUM |
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | |||||
CVE-2024-39581 | 1 Dell | 1 Insightiq | 2024-09-16 | N/A | 9.8 CRITICAL |
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files. | |||||
CVE-2024-42425 | 1 Dell | 4 7920 Xl, 7920 Xl Firmware, Precision 7920 and 1 more | 2024-09-16 | N/A | 5.5 MEDIUM |
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
CVE-2024-39583 | 1 Dell | 1 Insightiq | 2024-09-16 | N/A | 9.8 CRITICAL |
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||||
CVE-2024-39580 | 1 Dell | 1 Insightiq | 2024-09-16 | N/A | 6.7 MEDIUM |
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||||
CVE-2024-39582 | 1 Dell | 1 Insightiq | 2024-09-16 | N/A | 4.4 MEDIUM |
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
CVE-2024-38486 | 1 Dell | 1 Smartfabric Os10 | 2024-09-13 | N/A | 8.8 HIGH |
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. | |||||
CVE-2024-37136 | 1 Dell | 1 Path To Powerprotect | 2024-09-05 | N/A | 4.9 MEDIUM |
Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal Information to an Unauthorized Actor vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information exposure. | |||||
CVE-2024-38482 | 1 Dell | 1 Cloudlink | 2024-09-05 | N/A | 7.2 HIGH |
CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive information from the database. | |||||
CVE-2024-39579 | 1 Dell | 1 Powerscale Onefs | 2024-09-03 | N/A | 6.7 MEDIUM |
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access. | |||||
CVE-2024-39578 | 1 Dell | 1 Powerscale Onefs | 2024-09-03 | N/A | 6.3 MEDIUM |
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering. | |||||
CVE-2024-37127 | 1 Dell | 1 Peripheral Manager | 2024-08-27 | N/A | 7.8 HIGH |
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege | |||||
CVE-2024-28972 | 1 Dell | 1 Insightiq | 2024-08-23 | N/A | 7.5 HIGH |
Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure. | |||||
CVE-2023-22576 | 1 Dell | 1 Repository Manager | 2024-08-23 | N/A | 7.8 HIGH |
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges using the existing vulnerability in operating system. Exploitation may lead to unavailability of the service. | |||||
CVE-2023-28074 | 1 Dell | 2 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite | 2024-08-20 | N/A | 7.1 HIGH |
Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0, contains an Out-of-bounds Read vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | |||||
CVE-2024-7922 | 1 Dell | 40 Dnr-202l, Dnr-202l Firmware, Dnr-322l and 37 more | 2024-08-20 | 6.5 MEDIUM | 9.8 CRITICAL |
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_audio_search/cgi_create_playlist/cgi_get_album_all_tracks/cgi_get_alltracks_editlist/cgi_get_artist_all_album/cgi_get_genre_all_tracks/cgi_get_tracks_list/cgi_set_airplay_content/cgi_write_playlist of the file /cgi-bin/myMusic.cgi. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. | |||||
CVE-2024-28962 | 1 Dell | 3 Alienware Update, Command Update, Update | 2024-08-19 | N/A | 7.5 HIGH |
Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | |||||
CVE-2024-37129 | 1 Dell | 1 Inventory Collector | 2024-08-13 | N/A | 7.8 HIGH |
Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A local authenticated malicious user could potentially exploit this vulnerability, leading to arbitrary code execution on the system. | |||||
CVE-2024-37142 | 1 Dell | 1 Peripheral Manager | 2024-08-08 | N/A | 7.8 HIGH |
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege | |||||
CVE-2024-32857 | 1 Dell | 1 Peripheral Manager | 2024-08-08 | N/A | 7.8 HIGH |
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege |