Filtered by vendor Dell Subscriptions
Total 1077 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-28073 1 Dell 4 Latitude 5530, Latitude 5530 Firmware, Precision 3570 and 1 more 2024-12-04 8.2 High
Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system.
CVE-2023-28065 2 Dell, Microsoft 4 Alienware Update, Command Update, Update and 1 more 2024-12-04 6.7 Medium
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation.
CVE-2024-47476 1 Dell 1 Networker Management Console 2024-12-03 7.8 High
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of Cryptographic Signature vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVE-2024-42422 1 Dell 1 Networker 2024-12-03 8.3 High
Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2024-45766 1 Dell 1 Openmanage Enterprise 2024-12-02 8 High
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
CVE-2024-45767 1 Dell 1 Openmanage Enterprise 2024-12-02 4.3 Medium
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2023-32480 1 Dell 63 Alienware M15 R7, Alienware M15 R7 Firmware, Cpg Bios and 60 more 2024-11-29 6.8 Medium
Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.
CVE-2024-48010 1 Dell 5 Apex Protection Storage, Data Domain Operating System, Emc Data Domain Os and 2 more 2024-11-26 6.5 Medium
Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application.
CVE-2024-49596 1 Dell 2 Dell Wyse Management Suite Repository, Wyse Management Suite 2024-11-26 5.9 Medium
Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion
CVE-2024-39576 1 Dell 1 Power Manager 2024-11-26 8.8 High
Dell Power Manager (DPM), versions 3.15.0 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
CVE-2024-48011 1 Dell 1 Data Domain Operating System 2024-11-26 3.1 Low
Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2024-45759 1 Dell 1 Data Domain Operating System 2024-11-26 6.8 Medium
Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system.
CVE-2024-37125 1 Dell 1 Smartfabric Os10 2024-11-25 7.5 High
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service.
CVE-2024-39577 1 Dell 1 Smartfabric Os10 2024-11-25 7.1 High
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability leading to code execution.
CVE-2024-38305 1 Dell 1 Supportassist For Home Pcs 2024-11-25 7.3 High
Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation vulnerability in the installer. A local low-privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executables on the operating system with elevated privileges.
CVE-2024-37135 1 Dell 2 Dm5500, Dm5500 Firmware 2024-11-22 3.3 Low
DM5500 5.16.0.0, contains an information disclosure vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
CVE-2023-44304 1 Dell 2 Dm5500, Dm5500 Firmware 2024-11-21 8.8 High
Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gain root access to the appliance.
CVE-2023-44284 1 Dell 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more 2024-11-21 4.3 Medium
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized read access to application data.
CVE-2024-38301 1 Dell 1 Alienware Command Center 2024-11-21 6.7 Medium
Dell Alienware Command Center, version 5.7.3.0 and prior, contains an improper access control vulnerability. A low privileged attacker could potentially exploit this vulnerability, leading to denial of service on the local system and information disclosure.
CVE-2024-37141 1 Dell 1 Data Domain Operating System 2024-11-21 3.5 Low
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.