Vulnerabilities (CVE)

Filtered by vendor Dell Subscribe
Total 1037 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-44297 1 Dell 26 Poweredge C6620, Poweredge C6620 Firmware, Poweredge Hs5610 and 23 more 2024-02-28 N/A 6.8 MEDIUM
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.
CVE-2023-44279 1 Dell 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more 2024-02-28 N/A 6.7 MEDIUM
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker
CVE-2023-44305 1 Dell 2 Dm5500, Dm5500 Firmware 2024-02-28 N/A 9.8 CRITICAL
Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.
CVE-2024-0165 1 Dell 1 Unity Operating Environment 2024-02-28 N/A 7.8 HIGH
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.
CVE-2023-48662 1 Dell 3 Powermax Os, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance 2024-02-28 N/A 7.2 HIGH
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system.
CVE-2023-28049 1 Dell 1 Command \| Monitor 2024-02-28 N/A 7.1 HIGH
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete.
CVE-2024-22464 1 Dell 1 Emc Appsync 2024-02-28 N/A 6.8 MEDIUM
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account.
CVE-2023-39257 1 Dell 1 Rugged Control Center 2024-02-28 N/A 7.8 HIGH
Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder when product installation repair is performed, leading to privilege escalation on the system.
CVE-2023-32453 1 Dell 222 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 219 more 2024-02-28 N/A 3.9 LOW
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.
CVE-2023-32477 1 Dell 1 Common Event Enabler 2024-02-28 N/A 7.8 HIGH
Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges.
CVE-2023-32489 1 Dell 1 Powerscale Onefs 2024-02-28 N/A 6.7 MEDIUM
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges.  
CVE-2022-34453 1 Dell 2 Xtremio X2, Xtremio X2 Firmware 2024-02-28 N/A 7.1 HIGH
Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default.
CVE-2023-32495 1 Dell 1 Powerscale Onefs 2024-02-28 N/A 7.8 HIGH
Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges.
CVE-2023-43066 1 Dell 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment 2024-02-28 N/A 7.8 HIGH
Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands.
CVE-2023-32481 1 Dell 1 Wyse Management Suite 2024-02-28 N/A 6.5 MEDIUM
Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system.
CVE-2023-32493 1 Dell 1 Powerscale Onefs 2024-02-28 N/A 9.8 CRITICAL
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.
CVE-2023-32450 1 Dell 1 Power Manager 2024-02-28 N/A 7.8 HIGH
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access.
CVE-2023-39250 1 Dell 3 Replay Manager For Vmware, Storage Integration Tools For Vmware, Storage Vsphere Client Plugin 2024-02-28 N/A 5.5 MEDIUM
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks.
CVE-2023-32468 1 Dell 1 Ecs Streamer 2024-02-28 N/A 4.9 MEDIUM
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data.
CVE-2023-4129 1 Dell 1 Data Protection Central 2024-02-28 N/A 7.5 HIGH
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.