Dell

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-51539 1Dell 1Secure Connect Gateway Jan 21, 2026 Feb 25, 2025 N/A· v4 2.3 LOW· v3 N/A· v2 The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL command. This vulnerabilit...Show more The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL command. This vulnerability can only be exploited locally on the affected system. A high-privilege attacker with access to the system could potentially exploit this vulnerability, leading to the disclosure of non-sensitive information that does not include any customer data.Show less
CVE-2025-21106 1Dell 1Recoverpoint For Virtual Machines Jul 31, 2025 Feb 20, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive re...Show more Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system.Show less
CVE-2025-21105 1Dell 1Recoverpoint For Virtual Machines Jul 31, 2025 Feb 20, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and p...Show more Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain access to unauthorized data.Show less
CVE-2024-52541 1Dell 392Alienware M15 R6 Firmware Alienware M15 R7 FirmwareAlienware M16 R1 Firmware+389 more Dec 1, 2025 Feb 19, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2025-21103 1Dell 1Networker Dec 6, 2025 Feb 17, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization of server-side vulnerability. An unauthenticated attacker with local access could...Show more Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization of server-side vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability and run arbitrary code on the server.Show less
CVE-2025-22480 1Dell 1Supportassist Os Recovery Sep 24, 2025 Feb 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file...Show more Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges.Show less
CVE-2024-29172 1Dell 1Bsafe Ssl J Mar 19, 2025 Feb 12, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A remote attacker could potentially exploit this vulnerability, leading to a Denial of Service.
CVE-2024-29171 1Dell 1Bsafe Ssl J Mar 19, 2025 Feb 12, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. A remote attacker could potentially exploit this vulnerability, leading to information di...Show more Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. A remote attacker could potentially exploit this vulnerability, leading to information disclosure.Show less
CVE-2025-22399 1Dell 1Utility Configuration Collector Edge Dec 6, 2025 Feb 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request fo...Show more Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgeryShow less
CVE-2025-22402 1Dell 1Update Manager Plugin Mar 4, 2025 Feb 7, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability. A low privileged attacker with remote access could po...Show more Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.Show less
CVE-2025-21117 1Dell 1Avamar Server Mar 28, 2025 Feb 5, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A low privileged local attacker could potentially exploit this vulnerability, leading to fully impersonating the user.
CVE-2025-22475 1Dell 1Data Domain Operating System Feb 7, 2025 Feb 4, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentially exploit this vulne...Show more Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentially exploit this vulnerability, leading to Information tampering.Show less
CVE-2024-53295 1Dell 1Data Domain Operating System Feb 7, 2025 Feb 1, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading t...Show more Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege.Show less
CVE-2024-53296 1Dell 1Data Domain Operating System Feb 7, 2025 Feb 1, 2025 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerabilit...Show more Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.Show less
CVE-2024-51534 1Dell 1Data Domain Operating System Feb 7, 2025 Feb 1, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged could potentially exploit this vulnerability to gain unauthorized overwrite of...Show more Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service.Show less
CVE-2025-21107 1Dell 1Networker Feb 7, 2025 Jan 30, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit thi...Show more Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.Show less
CVE-2025-23374 1Dell 1Enterprise Sonic Distribution Feb 7, 2025 Jan 30, 2025 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker with remote access could...Show more Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.Show less
CVE-2025-22394 1Dell 1Display Manager Feb 4, 2025 Jan 15, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leadi...Show more Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation.Show less
CVE-2025-21101 1Dell 1Display Manager Feb 4, 2025 Jan 15, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Dell Display Manager, versions prior to 2.3.2.20, contain a race condition vulnerability. A local malicious user could potentially exploit this vulnerability during installation, leading to arbitrary folder or file delet...Show more Dell Display Manager, versions prior to 2.3.2.20, contain a race condition vulnerability. A local malicious user could potentially exploit this vulnerability during installation, leading to arbitrary folder or file deletion.Show less
CVE-2025-21111 1Dell 42Vxrail D560 Firmware Vxrail D560f FirmwareVxrail E460 Firmware+39 more Jan 24, 2025 Jan 8, 2025 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information...Show more Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.Show less

Previous 1...161718...76 Next