Vulnerabilities (CVE)

Filtered by vendor Dell Subscribe
Total 1045 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-39574 1 Dell 1 Insightiq 2024-09-16 N/A 4.4 MEDIUM
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.
CVE-2024-39581 1 Dell 1 Insightiq 2024-09-16 N/A 9.8 CRITICAL
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files.
CVE-2024-42425 1 Dell 4 7920 Xl, 7920 Xl Firmware, Precision 7920 and 1 more 2024-09-16 N/A 5.5 MEDIUM
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2024-39583 1 Dell 1 Insightiq 2024-09-16 N/A 9.8 CRITICAL
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-39580 1 Dell 1 Insightiq 2024-09-16 N/A 6.7 MEDIUM
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-39582 1 Dell 1 Insightiq 2024-09-16 N/A 4.4 MEDIUM
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2024-38486 1 Dell 1 Smartfabric Os10 2024-09-13 N/A 8.8 HIGH
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
CVE-2024-37136 1 Dell 1 Path To Powerprotect 2024-09-05 N/A 4.9 MEDIUM
Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal Information to an Unauthorized Actor vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information exposure.
CVE-2024-38482 1 Dell 1 Cloudlink 2024-09-05 N/A 7.2 HIGH
CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive information from the database.
CVE-2024-39579 1 Dell 1 Powerscale Onefs 2024-09-03 N/A 6.7 MEDIUM
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.
CVE-2024-39578 1 Dell 1 Powerscale Onefs 2024-09-03 N/A 6.3 MEDIUM
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
CVE-2024-37127 1 Dell 1 Peripheral Manager 2024-08-27 N/A 7.8 HIGH
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege
CVE-2024-28972 1 Dell 1 Insightiq 2024-08-23 N/A 7.5 HIGH
Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure.
CVE-2023-22576 1 Dell 1 Repository Manager 2024-08-23 N/A 7.8 HIGH
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges using the existing vulnerability in operating system. Exploitation may lead to unavailability of the service.
CVE-2023-28074 1 Dell 2 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite 2024-08-20 N/A 7.1 HIGH
Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0, contains an Out-of-bounds Read vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
CVE-2024-7922 1 Dell 40 Dnr-202l, Dnr-202l Firmware, Dnr-322l and 37 more 2024-08-20 6.5 MEDIUM 9.8 CRITICAL
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_audio_search/cgi_create_playlist/cgi_get_album_all_tracks/cgi_get_alltracks_editlist/cgi_get_artist_all_album/cgi_get_genre_all_tracks/cgi_get_tracks_list/cgi_set_airplay_content/cgi_write_playlist of the file /cgi-bin/myMusic.cgi. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.
CVE-2024-28962 1 Dell 3 Alienware Update, Command Update, Update 2024-08-19 N/A 7.5 HIGH
Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
CVE-2024-37129 1 Dell 1 Inventory Collector 2024-08-13 N/A 7.8 HIGH
Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A local authenticated malicious user could potentially exploit this vulnerability, leading to arbitrary code execution on the system.
CVE-2024-37142 1 Dell 1 Peripheral Manager 2024-08-08 N/A 7.8 HIGH
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege
CVE-2024-32857 1 Dell 1 Peripheral Manager 2024-08-08 N/A 7.8 HIGH
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege