Filtered by vendor Dell
Subscriptions
Total
1194 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-48674 | 1 Dell | 346 Latitude 5280, Latitude 5280 Firmware, Latitude 5288 and 343 more | 2025-01-31 | 6.8 Medium |
| Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function. | ||||
| CVE-2023-39254 | 1 Dell | 1 Update Package Framework | 2025-01-31 | 6.7 Medium |
| Dell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path vulnerability. A malicious user with local access to the system could potentially exploit this vulnerability to run arbitrary code as admin. | ||||
| CVE-2024-0154 | 1 Dell | 248 Dss 8440, Dss 8440 Firmware, Emc Xc Core 6420 System and 245 more | 2025-01-31 | 3.8 Low |
| Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory. | ||||
| CVE-2024-0173 | 1 Dell | 248 Dss 8440, Dss 8440 Firmware, Emc Xc Core 6420 System and 245 more | 2025-01-31 | 3.8 Low |
| Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory. | ||||
| CVE-2023-28070 | 1 Dell | 1 Alienware Command Center | 2025-01-30 | 6.7 Medium |
| Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation. | ||||
| CVE-2024-22429 | 1 Dell | 100 Edge Gateway 3000, Edge Gateway 3000 Firmware, Edge Gateway 5000 and 97 more | 2025-01-30 | 7.5 High |
| Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. | ||||
| CVE-2024-51532 | 1 Dell | 12 Powerstore 1000t, Powerstore 1200t, Powerstore 3000t and 9 more | 2025-01-29 | 7.1 High |
| Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files. | ||||
| CVE-2024-47978 | 1 Dell | 1 Nativeedge Orchestrator | 2025-01-29 | 7.8 High |
| Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2024-52535 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2025-01-29 | 7.1 High |
| Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component. A low-privileged authenticated user could potentially exploit this vulnerability, gaining privileges escalation, leading to arbitrary deletion of files and folders from the system. | ||||
| CVE-2024-53291 | 1 Dell | 1 Nativeedge Orchestrator | 2025-01-29 | 7.5 High |
| Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2024-52543 | 1 Dell | 1 Nativeedge Orchestrator | 2025-01-29 | 6.5 Medium |
| Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2023-25934 | 1 Dell | 1 Elastic Cloud Storage | 2025-01-29 | 5.9 Medium |
| DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request. | ||||
| CVE-2023-28068 | 1 Dell | 1 Command \| Monitor | 2025-01-29 | 7.3 High |
| Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path | ||||
| CVE-2024-25962 | 1 Dell | 1 Insightiq | 2025-01-28 | 8.3 High |
| Dell InsightIQ, version 5.0, contains an improper access control vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to monitoring data. | ||||
| CVE-2024-25958 | 1 Dell | 2 Grab, Grab For Windows | 2025-01-28 | 6.7 Medium |
| Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to privilege escalation, unauthorized access to application data, unauthorized modification of application data and service disruption. | ||||
| CVE-2024-25957 | 1 Dell | 1 Grab | 2025-01-28 | 4.8 Medium |
| Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync application with elevated privileges. | ||||
| CVE-2024-25956 | 1 Dell | 1 Grab | 2025-01-28 | 5.5 Medium |
| Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system information. | ||||
| CVE-2024-25946 | 1 Dell | 3 Powermax Eem, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2025-01-27 | 7.2 High |
| Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity. | ||||
| CVE-2024-25955 | 1 Dell | 3 Powermax Eem, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2025-01-27 | 7.2 High |
| Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity. | ||||
| CVE-2024-25971 | 1 Dell | 1 Powerprotect Data Manager | 2025-01-27 | 5.5 Medium |
| Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service. | ||||