Filtered by vendor Dell
Subscribe
Total
1037 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-44297 | 1 Dell | 26 Poweredge C6620, Poweredge C6620 Firmware, Poweredge Hs5610 and 23 more | 2024-02-28 | N/A | 6.8 MEDIUM |
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service. | |||||
CVE-2023-44279 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker | |||||
CVE-2023-44305 | 1 Dell | 2 Dm5500, Dm5500 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data. | |||||
CVE-2024-0165 | 1 Dell | 1 Unity Operating Environment | 2024-02-28 | N/A | 7.8 HIGH |
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges. | |||||
CVE-2023-48662 | 1 Dell | 3 Powermax Os, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2024-02-28 | N/A | 7.2 HIGH |
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. | |||||
CVE-2023-28049 | 1 Dell | 1 Command \| Monitor | 2024-02-28 | N/A | 7.1 HIGH |
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete. | |||||
CVE-2024-22464 | 1 Dell | 1 Emc Appsync | 2024-02-28 | N/A | 6.8 MEDIUM |
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account. | |||||
CVE-2023-39257 | 1 Dell | 1 Rugged Control Center | 2024-02-28 | N/A | 7.8 HIGH |
Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder when product installation repair is performed, leading to privilege escalation on the system. | |||||
CVE-2023-32453 | 1 Dell | 222 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 219 more | 2024-02-28 | N/A | 3.9 LOW |
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator. | |||||
CVE-2023-32477 | 1 Dell | 1 Common Event Enabler | 2024-02-28 | N/A | 7.8 HIGH |
Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges. | |||||
CVE-2023-32489 | 1 Dell | 1 Powerscale Onefs | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. | |||||
CVE-2022-34453 | 1 Dell | 2 Xtremio X2, Xtremio X2 Firmware | 2024-02-28 | N/A | 7.1 HIGH |
Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default. | |||||
CVE-2023-32495 | 1 Dell | 1 Powerscale Onefs | 2024-02-28 | N/A | 7.8 HIGH |
Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges. | |||||
CVE-2023-43066 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-02-28 | N/A | 7.8 HIGH |
Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands. | |||||
CVE-2023-32481 | 1 Dell | 1 Wyse Management Suite | 2024-02-28 | N/A | 6.5 MEDIUM |
Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system. | |||||
CVE-2023-32493 | 1 Dell | 1 Powerscale Onefs | 2024-02-28 | N/A | 9.8 CRITICAL |
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution. | |||||
CVE-2023-32450 | 1 Dell | 1 Power Manager | 2024-02-28 | N/A | 7.8 HIGH |
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. | |||||
CVE-2023-39250 | 1 Dell | 3 Replay Manager For Vmware, Storage Integration Tools For Vmware, Storage Vsphere Client Plugin | 2024-02-28 | N/A | 5.5 MEDIUM |
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. | |||||
CVE-2023-32468 | 1 Dell | 1 Ecs Streamer | 2024-02-28 | N/A | 4.9 MEDIUM |
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data. | |||||
CVE-2023-4129 | 1 Dell | 1 Data Protection Central | 2024-02-28 | N/A | 7.5 HIGH |
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext. |