Filtered by vendor Dell
Subscriptions
Total
1077 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-44296 | 1 Dell | 1 E-lab Navigator | 2024-11-21 | 8.4 High |
Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. A local attacker could potentially exploit this vulnerability, leading to unauthorized access to sensitive data. Successful exploitation may result in the compromise of confidential user information. | ||||
CVE-2023-44295 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 6.3 Medium |
Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information, and information disclosure. | ||||
CVE-2023-44294 | 1 Dell | 1 Secure Connect Gateway | 2024-11-21 | 5.4 Medium |
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This issue may potentially lead to unintentional information disclosure from the product database. | ||||
CVE-2023-44293 | 1 Dell | 1 Secure Connect Gateway | 2024-11-21 | 5.4 Medium |
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially lead to unintentional information disclosure from the product database. | ||||
CVE-2023-44292 | 1 Dell | 1 Repository Manager | 2024-11-21 | 6.7 Medium |
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. A local low-privileged attacker could potentially exploit this vulnerability, leading to gaining escalated privileges. | ||||
CVE-2023-44291 | 1 Dell | 2 Powerprotect Data Manager Dm5500, Powerprotect Data Manager Dm5500 Firmware | 2024-11-21 | 7.2 High |
Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. | ||||
CVE-2023-44290 | 1 Dell | 1 Command\|monitor | 2024-11-21 | 7.3 High |
Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation. | ||||
CVE-2023-44289 | 1 Dell | 1 Command\|configure | 2024-11-21 | 7.3 High |
Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation. | ||||
CVE-2023-44288 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 7.5 High |
Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service. | ||||
CVE-2023-44286 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-11-21 | 8.8 High |
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a victim user's DOM environment in the browser. . Exploitation may lead to information disclosure, session theft, or client-side request forgery. | ||||
CVE-2023-44285 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-11-21 | 7.8 High |
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege. | ||||
CVE-2023-44283 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | 7.8 High |
In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalation and the execution of arbitrary code, in the Windows system context, and confined to that specific local PC. | ||||
CVE-2023-44282 | 1 Dell | 1 Repository Manager | 2024-11-21 | 6.7 Medium |
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. A local low-privileged attacker could potentially exploit this vulnerability, leading to gaining escalated privileges. | ||||
CVE-2023-44281 | 1 Dell | 1 Pair | 2024-11-21 | 6.6 Medium |
Dell Pair Installer version prior to 1.2.1 contains an elevation of privilege vulnerability. A low privilege user with local access to the system could potentially exploit this vulnerability to delete arbitrary files and result in Denial of Service. | ||||
CVE-2023-44279 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-11-21 | 6.7 Medium |
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker | ||||
CVE-2023-44278 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-11-21 | 6.7 Medium |
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vulnerability, to gain unauthorized read and write access to the OS files stored on the server filesystem, with the privileges of the running application. | ||||
CVE-2023-44277 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2024-11-21 | 7.8 High |
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in the CLI. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. | ||||
CVE-2023-43089 | 1 Dell | 1 Rugged Control Center | 2024-11-21 | 4.4 Medium |
Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. A local malicious standard user could potentially exploit this vulnerability to modify the content of the policy file, leading to unauthorized access to resources. | ||||
CVE-2023-43088 | 1 Dell | 2 Precision 7865 Tower, Precision 7865 Tower Firmware | 2024-11-21 | 7.2 High |
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device. | ||||
CVE-2023-43087 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 4.3 Medium |
Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure. |