Vulnerabilities (CVE)

Filtered by vendor Dell Subscribe
Total 1046 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-32461 1 Dell 104 Emc Xc Core Xc450, Emc Xc Core Xc450 Firmware, Emc Xc Core Xc650 and 101 more 2024-11-21 N/A 5.0 MEDIUM
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.  
CVE-2023-32460 1 Dell 252 Dss 8440, Dss 8440 Firmware, Emc Nx440 Firmware and 249 more 2024-11-21 N/A 8.8 HIGH
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
CVE-2023-32457 1 Dell 1 Powerscale Onefs 2024-11-21 N/A 7.5 HIGH
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges.
CVE-2023-32455 1 Dell 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more 2024-11-21 N/A 5.5 MEDIUM
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
CVE-2023-32454 1 Dell 1 Update Package Framework 2024-11-21 N/A 6.3 MEDIUM
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service
CVE-2023-32453 1 Dell 222 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 219 more 2024-11-21 N/A 4.6 MEDIUM
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.
CVE-2023-32451 1 Dell 1 Display Manager 2024-11-21 N/A 7.3 HIGH
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation
CVE-2023-32450 1 Dell 1 Power Manager 2024-11-21 N/A 6.1 MEDIUM
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access.
CVE-2023-32449 1 Dell 11 Powerstore 1000t, Powerstore 1200t, Powerstore 3000t and 8 more 2024-11-21 N/A 7.2 HIGH
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
CVE-2023-32448 1 Dell 1 Powerpath 2024-11-21 N/A 5.5 MEDIUM
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems.
CVE-2023-32447 1 Dell 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more 2024-11-21 N/A 5.5 MEDIUM
Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. A malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
CVE-2023-32446 1 Dell 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more 2024-11-21 N/A 5.5 MEDIUM
Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
CVE-2023-28080 1 Dell 1 Powerpath 2024-11-21 N/A 6.7 MEDIUM
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
CVE-2023-28079 1 Dell 1 Powerpath 2024-11-21 N/A 7.0 HIGH
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains Insecure File and Folder Permissions vulnerability. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
CVE-2023-28077 1 Dell 1 Bsafe Ssl-j 2024-11-21 N/A 4.4 MEDIUM
Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.
CVE-2023-28076 1 Dell 1 Cloudlink 2024-11-21 N/A 5.9 MEDIUM
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure.
CVE-2023-28075 1 Dell 484 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 481 more 2024-11-21 N/A 6.9 MEDIUM
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
CVE-2023-28073 1 Dell 4 Latitude 5530, Latitude 5530 Firmware, Precision 3570 and 1 more 2024-11-21 N/A 8.2 HIGH
Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system.
CVE-2023-28072 1 Dell 1 Alienware Command Center 2024-11-21 N/A 7.8 HIGH
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system.
CVE-2023-28071 2 Dell, Microsoft 4 Alienware Update, Command Update, Update and 1 more 2024-11-21 N/A 6.3 MEDIUM
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).