Dell

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-28979 1Dell 1Openmanage Enterprise Nov 21, 2024 May 1, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could po...Show more Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.Show less
CVE-2024-28978 1Dell 1Openmanage Enterprise Nov 21, 2024 May 1, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unauthorized access to reso...Show more Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unauthorized access to resources.Show less
CVE-2024-28961 1Dell 1Openmanage Enterprise Feb 3, 2025 Apr 29, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. A local low privileged malicious user could potentially exploit this vulnerability to obtain credentials le...Show more Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. A local low privileged malicious user could potentially exploit this vulnerability to obtain credentials leading to unauthorized access with elevated privileges. This could lead to further attacks, thus Dell recommends customers to upgrade at the earliest opportunity.Show less
CVE-2024-28977 1Dell 1Repository Manager Jan 21, 2025 Apr 24, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read...Show more Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application.Show less
CVE-2024-28976 1Dell 1Repository Manager Jan 21, 2025 Apr 24, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access...Show more Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access to the files stored on the server filesystem with the privileges of the running web application.Show less
CVE-2024-28963 1Dell 1Telemetry Dashboard Feb 4, 2025 Apr 24, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability to read sensitive prox...Show more Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability to read sensitive proxy settings information.Show less
CVE-2024-0157 1Dell 2Storage Monitoring And Reporting Storage Resource Manager Feb 4, 2025 Apr 12, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading...Show more Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to the hijack of a targeted user's application session.Show less
CVE-2024-22448 1Dell 268Alienware M15 R6 Firmware Alienware M15 R7 FirmwareAlienware M16 R1 Firmware+265 more Feb 4, 2025 Apr 10, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.
CVE-2024-22450 1Dell 1Alienware Command Center Jan 31, 2025 Apr 10, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user could potentially inject malicious files in the file search path, leading to sys...Show more Dell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user could potentially inject malicious files in the file search path, leading to system compromise.Show less
CVE-2024-0159 1Dell 1Alienware Command Center Jan 31, 2025 Apr 10, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper access control vulnerability, leading to Denial of Service on local system.
CVE-2024-0172 1Dell 93Dss 8440 Firmware Emc Storage Nx3240 FirmwareEmc Storage Nx3340 Firmware+90 more Feb 4, 2025 Apr 3, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privileg...Show more Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.Show less
CVE-2024-25944 1Dell 1Openmanage Enterprise Feb 4, 2025 Mar 29, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, to gain unauthorized access to the files stored on t...Show more Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, to gain unauthorized access to the files stored on the server filesystem, with the privileges of the running web application.Show less
CVE-2024-25971 1Dell 1Powerprotect Data Manager Jan 27, 2025 Mar 28, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, d...Show more Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service.Show less
CVE-2024-25963 1Dell 1Powerscale Onefs Feb 20, 2026 Mar 28, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to informa...Show more Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure.Show less
CVE-2024-25960 1Dell 1Powerscale Onefs Feb 20, 2026 Mar 28, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to es...Show more Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.Show less
CVE-2024-25955 1Dell 3Powermax Eem Solutions Enabler Virtual ApplianceUnisphere For Powermax Virtual Appliance Jan 27, 2025 Mar 28, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends...Show more Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.Show less
CVE-2024-25954 1Dell 1Powerscale Onefs Feb 20, 2026 Mar 28, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of serv...Show more Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.Show less
CVE-2024-25953 1Dell 1Powerscale Onefs Feb 20, 2026 Mar 28, 2024 N/A· v4 6.0 MEDIUM· v3 N/A· v2 Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of...Show more Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.Show less
CVE-2024-25952 1Dell 1Powerscale Onefs Feb 20, 2026 Mar 28, 2024 N/A· v4 6.0 MEDIUM· v3 N/A· v2 Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of...Show more Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.Show less
CVE-2024-25946 1Dell 3Powermax Eem Solutions Enabler Virtual ApplianceUnisphere For Powermax Virtual Appliance Jan 27, 2025 Mar 28, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends...Show more Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.Show less

Previous 1...252627...76 Next