Skip to main content

Dell

1272 CVEs vendor

Monthly

CVE-2023-43088 MEDIUM This Month

Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Dell Precision 7865 Tower Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2023-39251 MEDIUM This Month

Dell BIOS contains an Improper Input Validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Inspiron 7510 Firmware Inspiron 7610 Firmware Latitude 5430 Rugged Firmware +10
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-48670 HIGH This Week

Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Supportassist For Home Pcs
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28053 MEDIUM This Month

Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated cryptographic algorithms in the SSH component. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Networker
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-48671 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-48668 MEDIUM This Month

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerprotect Data Domain Management Center
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2023-48667 HIGH This Week

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Apex Protection Storage Powerprotect Data Domain Powerprotect Data Domain Management Center +2
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2023-48665 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2023-48664 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2023-48663 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2023-48662 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2023-48661 MEDIUM PATCH This Month

Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Information Disclosure Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance +1
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2023-48660 HIGH PATCH This Week

Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-44286 MEDIUM This Month

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure XSS Dell Powerprotect Data Protection Apex Protection Storage +3
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2023-44285 HIGH This Week

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Powerprotect Data Protection Apex Protection Storage Powerprotect Data Domain +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44284 MEDIUM This Month

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell SQLi Powerprotect Data Protection Apex Protection Storage Powerprotect Data Domain +2
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-44279 MEDIUM This Month

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerprotect Data Protection Apex Protection Storage Powerprotect Data Domain +2
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2023-44278 MEDIUM This Month

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Dell Powerprotect Data Protection Apex Protection Storage Powerprotect Data Domain +2
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2023-44277 HIGH This Week

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in the CLI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerprotect Data Protection Apex Protection Storage Powerprotect Data Domain +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-50430 MEDIUM POC This Month

The Goodix Fingerprint Device, as shipped in Dell Inspiron 15 computers, does not follow the Secure Device Connection Protocol (SDCP) when enrolling via Linux, and accepts an unauthenticated. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Microsoft Dell Authentication Bypass Fingerprint Sensor Firmware
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2023-32460 HIGH This Week

Dell PowerEdge BIOS contains an improper privilege management security vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Poweredge R660 Firmware Poweredge R760 Firmware +124
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44298 MEDIUM This Month

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Denial Of Service Intel Dell Poweredge R660 Firmware +12
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2023-44297 MEDIUM This Month

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Information Disclosure Intel Dell +13
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2023-44295 HIGH This Week

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2023-44288 HIGH This Week

Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dell Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-39248 HIGH This Week

Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dell Networking Os10
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-44306 MEDIUM This Month

Dell DM5500 contains a path traversal vulnerability in the appliance. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Dell Dm5500 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-44305 CRITICAL Act Now

Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Dell Dm5500 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-44304 HIGH This Week

Dell DM5500 contains a privilege escalation vulnerability in the appliance. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Command Injection Dell Dm5500 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-44302 CRITICAL Act Now

Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Dell Authentication Bypass Powerprotect Data Manager Dm5500 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-44301 MEDIUM This Month

Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS Dell Powerprotect Data Manager Dm5500 Firmware
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-44300 MEDIUM This Month

Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Powerprotect Data Manager Dm5500 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-44291 HIGH This Week

Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Powerprotect Data Manager Dm5500 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2023-39257 HIGH This Week

Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Rugged Control Center
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39256 HIGH This Week

Dell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Rugged Control Center
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-43089 LOW Monitor

Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Rugged Control Center
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-44290 HIGH This Week

Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Command Monitor
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44289 HIGH This Week

Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Command Configure
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-43086 HIGH This Week

Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Command Configure
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39253 HIGH This Week

Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Os Recovery Tool
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-43082 MEDIUM This Month

Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure VMware Dell Unity Operating Environment Unity Xt Operating Environment +1
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-44292 HIGH This Week

Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Repository Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44282 HIGH This Week

Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Repository Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39259 HIGH This Week

Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Os Recovery Tool
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39246 HIGH This Week

Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Microsoft Endpoint Security Suite Enterprise Encryption +1
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2023-32469 MEDIUM This Month

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Precision 5820 Firmware Precision 7820 Firmware Precision 7920 Firmware
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-44296 MEDIUM This Month

Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Authentication Bypass E Lab Navigator
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-43087 MEDIUM This Month

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-43076 MEDIUM This Month

Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-43067 MEDIUM This Month

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-43066 HIGH This Week

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-43074 HIGH This Week

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-43065 MEDIUM This Month

Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Unity Operating Environment Unity Xt Operating Environment Unityvsa Operating Environment
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-43079 HIGH This Week

Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Authentication Bypass Emc Openmanage Server Administrator
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32485 CRITICAL PATCH Act Now

Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Dell Smartfabric Storage Software
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-4401 HIGH This Week

Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Smartfabric Storage Software
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-43073 MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Smartfabric Storage Software
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-43072 HIGH This Week

Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Smartfabric Storage Software
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-43071 MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Smartfabric Storage Software
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-43070 MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Dell Smartfabric Storage Software
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-43069 HIGH This Week

Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Docker Smartfabric Storage Software
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-43068 HIGH This Week

Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Smartfabric Storage Software
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-32477 HIGH PATCH This Week

Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Dell Authentication Bypass Common Event Enabler
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-4129 HIGH This Week

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Data Protection Central
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-32458 HIGH PATCH This Week

Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Dell Authentication Bypass Appsync
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28055 HIGH PATCH This Week

Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Denial Of Service Dell Authentication Bypass Networker
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-39252 MEDIUM PATCH This Month

Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Dell Policy Manager For Secure Connect Gateway
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-32461 MEDIUM This Month

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Dell Heap Overflow Poweredge R660 Firmware Poweredge R760 Firmware +50
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-32470 MEDIUM PATCH This Month

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Dell Microsoft Digital Delivery
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-28072 HIGH This Week

Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Deserialization Alienware Command Center
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-32457 HIGH PATCH This Week

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Dell Powerscale Onefs
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-32453 LOW Monitor

Dell BIOS contains an improper authentication vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Alienware M15 R7 Firmware Alienware M16 Firmware Alienware M18 Firmware +108
NVD
CVSS 3.1
3.9
EPSS
0.2%
CVE-2023-28075 MEDIUM This Month

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. Rated medium severity (CVSS 6.3). No vendor patch available.

RCE Dell Alienware M15 R7 Firmware Alienware M16 Firmware Alienware M18 Firmware +239
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2023-39250 MEDIUM This Month

Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure VMware Dell Replay Manager For Vmware Storage Integration Tools For Vmware +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-32495 HIGH This Week

Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32493 CRITICAL Act Now

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Denial Of Service Dell Powerscale Onefs
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-32492 HIGH This Week

Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2023-32491 MEDIUM This Month

Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-32490 MEDIUM This Month

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-32489 MEDIUM This Month

Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-32488 MEDIUM This Month

Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-32487 HIGH This Week

Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation RCE Information Disclosure Dell +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32486 HIGH This Week

Dell PowerScale OneFS 9.5.x version contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Powerscale Onefs
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-32494 MEDIUM This Month

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-32450 HIGH This Week

Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Power Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32468 MEDIUM PATCH This Month

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Dell Ecs Streamer
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2023-32478 MEDIUM This Month

Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerstoreos
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2023-32476 MEDIUM This Month

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Hybrid Client
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-32455 MEDIUM This Month

Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Thinos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-32447 MEDIUM This Month

Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Thinos
NVD
CVSS 3.1
5.5
EPSS
0.1%
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Dell Precision 7865 Tower Firmware
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell BIOS contains an Improper Input Validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Inspiron 7510 Firmware +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Supportassist For Home Pcs
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated cryptographic algorithms in the SSH component. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Networker
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Dell Solutions Enabler Virtual Appliance +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerprotect Data Domain Management Center
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Apex Protection Storage +4
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance +2
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance +2
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance +2
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance +2
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Information Disclosure Dell +3
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Dell Solutions Enabler Virtual Appliance +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure XSS Dell +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Powerprotect Data Protection +4
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell SQLi Powerprotect Data Protection +4
NVD
EPSS 1% CVSS 6.7
MEDIUM This Month

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerprotect Data Protection +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Dell Powerprotect Data Protection +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in the CLI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerprotect Data Protection +4
NVD
EPSS 0% CVSS 6.4
MEDIUM POC This Month

The Goodix Fingerprint Device, as shipped in Dell Inspiron 15 computers, does not follow the Secure Device Connection Protocol (SDCP) when enrolling via Linux, and accepts an unauthenticated. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Microsoft Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell PowerEdge BIOS contains an improper privilege management security vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass +126
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Denial Of Service Intel +14
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Information Disclosure +15
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dell Powerscale Onefs
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dell Networking Os10
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Dell DM5500 contains a path traversal vulnerability in the appliance. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Dell Dm5500 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Dell DM5500 contains a privilege escalation vulnerability in the appliance. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Command Injection Dell +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS Dell +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Powerprotect Data Manager Dm5500 Firmware
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Powerprotect Data Manager Dm5500 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Rugged Control Center
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Os Recovery Tool
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure VMware Dell +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Repository Manager
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Repository Manager
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Os Recovery Tool
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Microsoft +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Precision 5820 Firmware +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Unity Operating Environment +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Authentication Bypass +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Dell Smartfabric Storage Software
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Smartfabric Storage Software
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Smartfabric Storage Software
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Smartfabric Storage Software
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Smartfabric Storage Software
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Dell Smartfabric Storage Software
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Docker +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Smartfabric Storage Software
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dell Data Protection Central
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Dell Authentication Bypass +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Denial Of Service Dell +2
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Dell Policy Manager For Secure Connect Gateway
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Dell Heap Overflow +52
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Dell Microsoft +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Deserialization +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Dell Powerscale Onefs
NVD
EPSS 0% CVSS 3.9
LOW Monitor

Dell BIOS contains an improper authentication vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Alienware M15 R7 Firmware +110
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. Rated medium severity (CVSS 6.3). No vendor patch available.

RCE Dell Alienware M15 R7 Firmware +241
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure VMware Dell +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Denial Of Service Dell +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Dell +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Powerscale Onefs
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Powerscale Onefs
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell PowerScale OneFS 9.5.x version contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Powerscale Onefs
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Powerscale Onefs
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Power Manager
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Dell Ecs Streamer
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Powerstoreos
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Hybrid Client
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Thinos
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Wyse Thinos
NVD
Prev Page 8 of 15 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy