Filtered by vendor Dell
Subscribe
Total
1180 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-42426 | 1 Dell | 1 Powerscale Onefs | 2025-01-08 | N/A | 4.3 MEDIUM |
| Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource consumption vulnerability. A low privilege remote attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2024-29170 | 1 Dell | 1 Powerscale Onefs | 2025-01-08 | N/A | 8.1 HIGH |
| Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials vulnerability. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service. | |||||
| CVE-2024-0156 | 1 Dell | 1 Digital Delivery | 2025-01-08 | N/A | 7.0 HIGH |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. | |||||
| CVE-2024-0155 | 1 Dell | 1 Digital Delivery | 2025-01-08 | N/A | 7.0 HIGH |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code. | |||||
| CVE-2024-22463 | 1 Dell | 1 Powerscale Onefs | 2025-01-08 | N/A | 7.4 HIGH |
| Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information | |||||
| CVE-2024-24901 | 1 Dell | 1 Powerscale Onefs | 2025-01-08 | N/A | 3.0 LOW |
| Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period. | |||||
| CVE-2024-42427 | 1 Dell | 1 Wyse Thinos | 2024-12-20 | N/A | 7.6 HIGH |
| Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||||
| CVE-2024-42424 | 1 Dell | 4 7920 Xl Rack, 7920 Xl Rack Firmware, Precision 7920 Rack and 1 more | 2024-12-20 | N/A | 5.3 MEDIUM |
| Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-38304 | 1 Dell | 62 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 59 more | 2024-12-20 | N/A | 3.8 LOW |
| Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-38303 | 1 Dell | 62 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 59 more | 2024-12-20 | N/A | 5.3 MEDIUM |
| Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-39584 | 1 Dell | 40 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R13 and 37 more | 2024-12-20 | N/A | 8.2 HIGH |
| Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution. | |||||
| CVE-2023-43078 | 1 Dell | 695 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 692 more | 2024-12-19 | N/A | 6.7 MEDIUM |
| Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service. | |||||
| CVE-2022-34398 | 1 Dell | 478 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 475 more | 2024-12-19 | N/A | 7.5 HIGH |
| Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. | |||||
| CVE-2024-48016 | 1 Dell | 1 Secure Connect Gateway | 2024-12-13 | N/A | 4.6 MEDIUM |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use exposed credentials to access the system with privileges of the compromised account. | |||||
| CVE-2024-47241 | 1 Dell | 1 Secure Connect Gateway | 2024-12-13 | N/A | 5.5 MEDIUM |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access and modification of transmitted data. | |||||
| CVE-2024-22457 | 1 Dell | 1 Secure Connect Gateway | 2024-12-04 | N/A | 7.1 HIGH |
| Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this vulnerability, leading to impersonation of the server through presenting a fake self-signed certificate and communicating with the remote server. | |||||
| CVE-2024-22458 | 1 Dell | 1 Secure Connect Gateway | 2024-12-04 | N/A | 3.7 LOW |
| Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext. | |||||
| CVE-2024-45766 | 1 Dell | 1 Openmanage Enterprise | 2024-12-02 | N/A | 8.0 HIGH |
| Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution. | |||||
| CVE-2024-45767 | 1 Dell | 1 Openmanage Enterprise | 2024-12-02 | N/A | 4.3 MEDIUM |
| Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | |||||
| CVE-2024-48010 | 1 Dell | 1 Data Domain Operating System | 2024-11-26 | N/A | 6.5 MEDIUM |
| Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. | |||||