Skip to main content

Dell

1272 CVEs vendor

Monthly

CVE-2022-33918 MEDIUM This Month

Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Geodrive
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-32493 HIGH This Week

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Stack Overflow Buffer Overflow Alienware Area 51M R1 Firmware +289
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32491 HIGH This Week

Dell Client BIOS contains a Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Buffer Overflow Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32489 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32488 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32487 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32485 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32484 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-32483 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Alienware Area 51M R1 Firmware Alienware Area 51M R2 Firmware Alienware Aurora R11 Firmware +287
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-31228 CRITICAL PATCH Act Now

Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dell Xtremio Management Server
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-34434 MEDIUM PATCH This Month

Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Authentication Bypass Dell PostgreSQL Cloud Mobility For Dell Emc Storage
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-34432 HIGH PATCH This Week

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Dell Command Injection Hybrid Client
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-34431 MEDIUM PATCH This Month

Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Dell Hybrid Client
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-34430 HIGH PATCH This Week

Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Hybrid Client
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-34427 HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2022-34426 HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Command Injection Container Storage Modules
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-32492 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Bios
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-32486 HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Bios
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-34425 HIGH This Week

Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Enterprise Sonic Distribution
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-34402 MEDIUM PATCH This Month

Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Dell Denial Of Service Wyse Thinos
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2022-34429 HIGH This Week

Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Path Traversal Hybrid Client
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-34428 LOW Monitor

Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Denial Of Service Hybrid Client
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2022-34394 LOW Monitor

Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Dell Smartfabric Os10
NVD
CVSS 3.1
3.7
EPSS
0.4%
CVE-2022-29089 MEDIUM This Month

Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Smartfabric Os10
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2022-31226 HIGH PATCH This Week

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Dell Stack Overflow Buffer Overflow Chengming 3900 Firmware +24
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-31225 MEDIUM PATCH This Month

Dell BIOS versions contain an Unchecked Return Value vulnerability. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity.

Information Disclosure Dell Chengming 3900 Firmware Inspiron 14 Plus 7420 Firmware Inspiron 16 Plus 7620 Firmware +22
NVD
CVSS 3.1
5.1
EPSS
0.2%
CVE-2022-31224 LOW PATCH Monitor

Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Dell Chengming 3900 Firmware Inspiron 14 Plus 7420 Firmware Inspiron 16 Plus 7620 Firmware +22
NVD
CVSS 3.1
2.4
EPSS
0.2%
CVE-2022-31223 LOW PATCH Monitor

Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Information Disclosure Dell Chengming 3900 Firmware Inspiron 14 Plus 7420 Firmware Inspiron 16 Plus 7620 Firmware +22
NVD
CVSS 3.1
2.3
EPSS
0.2%
CVE-2022-31222 MEDIUM PATCH This Month

Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Dell Denial Of Service Chengming 3900 Firmware Inspiron 14 Plus 7420 Firmware Inspiron 16 Plus 7620 Firmware +22
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-31221 LOW PATCH Monitor

Dell BIOS versions contain an Information Exposure vulnerability. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Dell Chengming 3900 Firmware Inspiron 14 Plus 7420 Firmware Inspiron 16 Plus 7620 Firmware +22
NVD
CVSS 3.1
2.3
EPSS
0.2%
CVE-2022-31220 MEDIUM This Month

Dell BIOS versions contain an Unchecked Return Value vulnerability. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Chengming 3900 Firmware Inspiron 14 Plus 7420 Firmware Inspiron 16 Plus 7620 Firmware +22
NVD
CVSS 3.1
5.1
EPSS
0.2%
CVE-2022-26861 HIGH This Week

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware M15 R6 Firmware Chengming 3980 Firmware Chengming 3988 Firmware +396
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26860 HIGH This Week

Dell BIOS versions contain a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Inspiron 7501 Firmware Latitude 3420 Firmware Inspiron 5502 Firmware Latitude 7400 2 In 1 Firmware Latitude 3520 Firmware +398
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26859 HIGH This Week

Dell BIOS contains a race condition vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Authentication Bypass Dell Alienware M15 R6 Firmware Chengming 3980 Firmware Chengming 3988 Firmware +396
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2022-26858 HIGH This Week

Dell BIOS versions contain an Improper Authentication vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Inspiron 7501 Firmware Latitude 3420 Firmware Inspiron 5502 Firmware Latitude 7400 2 In 1 Firmware Latitude 3520 Firmware +396
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-34382 HIGH PATCH This Week

Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Privilege Escalation Alienware Update Command Update Update
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-34378 MEDIUM PATCH This Month

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Dell Path Traversal Denial Of Service Emc Powerscale Onefs
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-34371 CRITICAL PATCH Act Now

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Information Disclosure Dell Emc Powerscale Onefs
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-34369 HIGH PATCH This Week

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive information in log files vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dell Emc Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-34380 HIGH PATCH This Week

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Dell Cloudlink
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2022-34379 CRITICAL PATCH Act Now

Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Dell Cloudlink
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-34372 CRITICAL PATCH Act Now

Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Docker Dell Authentication Bypass Powerprotect Cyber Recovery
NVD
CVSS 3.1
9.1
EPSS
1.1%
CVE-2022-34383 HIGH PATCH This Week

Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

RCE Dell Command Injection Edge Gateway 5200 Firmware
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2022-34373 HIGH PATCH This Week

Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Command Integration Suite For System Center
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-34375 MEDIUM PATCH This Month

Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Path Traversal Container Storage Modules
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2022-34374 HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2022-34368 MEDIUM PATCH This Month

Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Dell Emc Networker
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-33935 MEDIUM PATCH This Month

Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Information Disclosure Dell XSS Emc Data Protection Advisor
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-33932 MEDIUM This Month

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Powerscale Onefs
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-32480 MEDIUM This Month

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Powerscale Onefs
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-31238 MEDIUM This Month

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Powerscale Onefs
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-31237 LOW Monitor

Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Powerscale Onefs
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-33931 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-33930 HIGH This Week

Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Management Suite
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-33929 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell XSS Wyse Management Suite
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-33928 HIGH This Week

Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in UI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Management Suite
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-33927 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Dell Wyse Management Suite
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-33926 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-33925 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-33924 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-29090 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Management Suite
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-29083 MEDIUM This Month

Prior Dell BIOS versions contain an Improper Authentication vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Chengming 3980 Firmware Chengming 3990 Firmware Chengming 3991 Firmware +105
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2022-34367 HIGH This Week

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Dell Emc Data Protection Central
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-33923 HIGH PATCH This Week

Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Command Injection Emc Powerstore 500T Firmware Emc Powerstore 1200T Firmware Emc Powerstore 3200T Firmware +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-32498 HIGH PATCH This Week

Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Dell Powerstore Command Line Interface
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-31234 CRITICAL PATCH Act Now

Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dell Emc Powerstore 500T Firmware Emc Powerstore 1200T Firmware Emc Powerstore 3200T Firmware +2
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-22555 MEDIUM This Month

Dell EMC PowerStore, contains an OS command injection Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Command Injection Emc Powerstore 500T Firmware Emc Powerstore 1200T Firmware Emc Powerstore 3200T Firmware +2
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2022-33936 CRITICAL Act Now

Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Cloud Mobility For Dell Emc Storage
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-32481 HIGH PATCH This Week

Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Dell Docker Powerprotect Cyber Recovery
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-31230 CRITICAL Act Now

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Powerscale Onefs
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-31229 MEDIUM This Month

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Powerscale Onefs
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2022-29097 MEDIUM This Month

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Path Traversal Wyse Management Suite
NVD
CVSS 3.1
4.9
EPSS
1.2%
CVE-2022-29096 MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure Wyse Management Suite
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-26864 HIGH This Week

Prior Dell BIOS versions contain an Input Validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Dell Alienware M15 R5 Firmware G15 5515 Firmware G5 Se 5505 Firmware +31
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26863 HIGH This Week

Prior Dell BIOS versions contain an Input Validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Dell Alienware M15 R5 Firmware G15 5515 Firmware G5 Se 5505 Firmware +31
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26862 HIGH This Week

Prior Dell BIOS versions contain an Input Validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Dell Alienware M15 R5 Firmware G15 5515 Firmware G5 Se 5505 Firmware +31
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-29095 CRITICAL Act Now

Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripting vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dell Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
9.6
EPSS
1.1%
CVE-2022-29094 HIGH This Week

Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Path Traversal Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-29093 HIGH This Week

Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Path Traversal Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-29092 HIGH This Week

Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-29085 MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-29084 CRITICAL Act Now

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-26869 CRITICAL Act Now

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Dell Information Disclosure Powerstoreos
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-26868 HIGH This Week

Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are vulnerable to a command injection flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerstoreos
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-26866 MEDIUM This Month

Dell PowerStore Versions before v2.1.1.0. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure Powerstoreos
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-22556 HIGH This Week

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dell Powerstoreos
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-29098 HIGH PATCH This Week

Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Brute Force Dell Information Disclosure Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-29091 MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure Unity Operating Environment Unity Xt Operating Environment +1
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-29082 MEDIUM This Month

Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Networker
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2022-26865 MEDIUM This Month

Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Dell Supportassist Os Recovery
NVD
CVSS 3.1
6.8
EPSS
0.3%
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Geodrive
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Stack Overflow +291
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Client BIOS contains a Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Buffer Overflow Alienware Area 51M R1 Firmware +289
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware Area 51M R1 Firmware +289
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware Area 51M R1 Firmware +289
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware Area 51M R1 Firmware +289
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware Area 51M R1 Firmware +289
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Alienware Area 51M R1 Firmware +289
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Alienware Area 51M R1 Firmware +289
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dell Xtremio Management Server
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Authentication Bypass Dell PostgreSQL +1
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Dell Command Injection Hybrid Client
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Dell Hybrid Client
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Hybrid Client
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Command Injection +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Bios
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Dell BIOS contains an improper input validation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Bios
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Enterprise Sonic Distribution
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Dell Denial Of Service Wyse Thinos
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Path Traversal Hybrid Client
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Denial Of Service Hybrid Client
NVD
EPSS 0% CVSS 3.7
LOW Monitor

Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Dell Smartfabric Os10
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Smartfabric Os10
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Dell Stack Overflow +26
NVD
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Dell BIOS versions contain an Unchecked Return Value vulnerability. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity.

Information Disclosure Dell Chengming 3900 Firmware +24
NVD
EPSS 0% CVSS 2.4
LOW PATCH Monitor

Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Dell Chengming 3900 Firmware +24
NVD
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Information Disclosure Dell Chengming 3900 Firmware +24
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Dell Denial Of Service Chengming 3900 Firmware +24
NVD
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Dell BIOS versions contain an Information Exposure vulnerability. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Dell Chengming 3900 Firmware +24
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Dell BIOS versions contain an Unchecked Return Value vulnerability. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Chengming 3900 Firmware +24
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Alienware M15 R6 Firmware +398
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS versions contain a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Inspiron 7501 Firmware Latitude 3420 Firmware Inspiron 5502 Firmware +400
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Dell BIOS contains a race condition vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Authentication Bypass Dell Alienware M15 R6 Firmware +398
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell BIOS versions contain an Improper Authentication vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Inspiron 7501 Firmware Latitude 3420 Firmware Inspiron 5502 Firmware +398
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Privilege Escalation Alienware Update +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Dell Path Traversal Denial Of Service +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Information Disclosure Dell Emc Powerscale Onefs
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive information in log files vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dell Emc Powerscale Onefs
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Dell Cloudlink
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Dell Cloudlink
NVD
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Docker Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

RCE Dell Command Injection +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Command Integration Suite For System Center
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Path Traversal Container Storage Modules
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Dell Emc Networker
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Information Disclosure Dell XSS +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Powerscale Onefs
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Powerscale Onefs
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Powerscale Onefs
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Powerscale Onefs
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Management Suite
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell XSS +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in UI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Management Suite
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Dell +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Wyse Management Suite
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data Exposure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Management Suite
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Prior Dell BIOS versions contain an Improper Authentication vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dell Chengming 3980 Firmware +107
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Dell Emc Data Protection Central
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Dell Command Injection Emc Powerstore 500T Firmware +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Dell Powerstore Command Line Interface
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dell Emc Powerstore 500T Firmware +4
NVD
EPSS 1% CVSS 6.7
MEDIUM This Month

Dell EMC PowerStore, contains an OS command injection Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Command Injection Emc Powerstore 500T Firmware +4
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Cloud Mobility For Dell Emc Storage
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Dell Docker +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Powerscale Onefs
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Powerscale Onefs
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Path Traversal Wyse Management Suite
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Prior Dell BIOS versions contain an Input Validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Dell Alienware M15 R5 Firmware +33
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Prior Dell BIOS versions contain an Input Validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Dell Alienware M15 R5 Firmware +33
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Prior Dell BIOS versions contain an Input Validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Dell Alienware M15 R5 Firmware +33
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripting vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dell Supportassist For Business Pcs +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Path Traversal Supportassist For Business Pcs +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Dell Path Traversal Supportassist For Business Pcs +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Supportassist For Business Pcs +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Unity Operating Environment +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Unity Operating Environment +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Dell Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are vulnerable to a command injection flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerstoreos
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell PowerStore Versions before v2.1.1.0. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dell Powerstoreos
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Brute Force Dell Information Disclosure +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure +3
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Networker
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Dell +1
NVD
Prev Page 10 of 15 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy