Filtered by vendor Dell
Subscribe
Total
1322 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-36592 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-11-10 | N/A | 5.4 MEDIUM |
| Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Script injection. | |||||
| CVE-2020-11899 | 2 Dell, Treck | 7 Wyse 5030, Wyse 5030 Firmware, Wyse 5050 All-in-one and 4 more | 2025-11-07 | 4.8 MEDIUM | 5.4 MEDIUM |
| The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | |||||
| CVE-2025-30479 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 8.4 HIGH |
| Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system. | |||||
| CVE-2025-46424 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 6.7 MEDIUM |
| Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service. | |||||
| CVE-2025-46366 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 6.7 MEDIUM |
| Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information. | |||||
| CVE-2025-46365 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 5.3 MEDIUM |
| Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink. | |||||
| CVE-2025-46364 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 9.1 CRITICAL |
| Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system. | |||||
| CVE-2025-45379 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 8.4 HIGH |
| Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system. | |||||
| CVE-2025-45378 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 9.1 CRITICAL |
| Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system. If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password. | |||||
| CVE-2025-46422 | 1 Dell | 1 Unity Operating Environment | 2025-11-07 | N/A | 7.8 HIGH |
| Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. | |||||
| CVE-2025-43942 | 1 Dell | 1 Unity Operating Environment | 2025-11-07 | N/A | 7.8 HIGH |
| Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges. | |||||
| CVE-2025-46423 | 1 Dell | 1 Unity Operating Environment | 2025-11-07 | N/A | 7.8 HIGH |
| Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. | |||||
| CVE-2019-3728 | 1 Dell | 3 Bsafe Crypto-c, Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite | 2025-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| RSA BSAFE Crypto-C Micro Edition versions from 4.0.0.0 before 4.0.5.4 and from 4.1.0 before 4.1.4, RSA BSAFE Micro Edition Suite versions from 4.0.0 before 4.0.13 and from 4.1.0 before 4.4 and RSA Crypto-C versions from 6.0.0 through 6.4.* are vulnerable to an out-of-bounds read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system. | |||||
| CVE-2025-22476 | 1 Dell | 1 Storage Manager | 2025-11-04 | N/A | 5.5 MEDIUM |
| Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Remote execution. | |||||
| CVE-2025-43726 | 1 Dell | 1 Alienware Command Center | 2025-11-04 | N/A | 6.7 MEDIUM |
| Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0, contains an Improper Link Resolution Before File Access ('Link Following')" vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | |||||
| CVE-2025-43725 | 1 Dell | 1 Powerprotect Data Manager | 2025-11-04 | N/A | 7.8 HIGH |
| Dell PowerProtect Data Manager, Generic Application Agent, version(s) 19.19 and 19.20, contain(s) an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | |||||
| CVE-2025-43991 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2025-11-04 | N/A | 6.3 MEDIUM |
| SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link (Symlink) following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrary files only in that affected system. | |||||
| CVE-2025-46602 | 1 Dell | 1 Supportassist Os Recovery | 2025-11-04 | N/A | 4.4 MEDIUM |
| Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | |||||
| CVE-2025-43995 | 1 Dell | 1 Storage Manager | 2025-11-04 | N/A | 9.8 CRITICAL |
| Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Authentication Bypass in DSM Data Collector. An unauthenticated remote attacker can access APIs exposed by ApiProxy.war in DataCollectorEar.ear by using a special SessionKey and UserId. These userid are special users created in compellentservicesapi for special purposes. | |||||
| CVE-2025-43994 | 1 Dell | 1 Storage Manager | 2025-11-04 | N/A | 8.6 HIGH |
| Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | |||||