Dell

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-34446 1Dell 1Powerpath Management Appliance Nov 21, 2024 Feb 11, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access...Show more PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration. Show less
CVE-2022-34445 1Dell 1Powerscale Onefs Feb 20, 2026 Feb 11, 2023 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure.
CVE-2022-34444 1Dell 1Powerscale Onefs Feb 20, 2026 Feb 11, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak.
CVE-2022-34404 1Dell 1System Update Nov 21, 2024 Feb 11, 2023 N/A· v4 6.0 MEDIUM· v3 N/A· v2 Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential...Show more Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service. Show less
CVE-2022-34392 1Dell 1Supportassist For Home Pcs Nov 21, 2024 Feb 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access...Show more SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information. Show less
CVE-2022-34389 1Dell 2Supportassist For Business Pcs Supportassist For Home Pcs Nov 21, 2024 Feb 11, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a de...Show more Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician. Show less
CVE-2022-34388 1Dell 2Supportassist For Business Pcs Supportassist For Home Pcs Nov 21, 2024 Feb 11, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exp...Show more Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected application. Show less
CVE-2022-34387 1Dell 2Supportassist For Business Pcs Supportassist For Home Pcs Nov 21, 2024 Feb 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potenti...Show more Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system. Show less
CVE-2022-34386 1Dell 2Supportassist For Business Pcs Supportassist For Home Pcs Nov 21, 2024 Feb 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exp...Show more Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. Show less
CVE-2022-34385 1Dell 2Supportassist For Business Pcs Supportassist For Home Pcs Nov 21, 2024 Feb 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit...Show more SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. Show less
CVE-2022-34384 1Dell 5Alienware Update Command UpdateSupportassist For Business Pcs+2 more Nov 21, 2024 Feb 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command \| Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privil...Show more Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command \| Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. Show less
CVE-2022-34377 1Dell 80C4130 Firmware C4140 FirmwareC6320 Firmware+77 more Nov 21, 2024 Feb 10, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform ar...Show more Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. Show less
CVE-2022-34376 1Dell 80C4130 Firmware C4140 FirmwareC6320 Firmware+77 more Nov 21, 2024 Feb 10, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial...Show more Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. Show less
CVE-2022-34366 1Dell 1Supportassist For Home Pcs Nov 21, 2024 Feb 10, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive informa...Show more Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. Show less
CVE-2022-34364 1Dell 1Bsafe Ssl J Nov 21, 2024 Feb 10, 2023 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. .
CVE-2022-33934 1Dell 1Emc Powerscale Onefs Nov 21, 2024 Feb 10, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities...Show more Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields. Show less
CVE-2023-24573 1Dell 1Command \| Monitor Nov 21, 2024 Feb 10, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 Dell Command \| Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrar...Show more Dell Command \| Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. Show less
CVE-2023-24569 1Dell 1Alienware Command Center Nov 21, 2024 Feb 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to eleva...Show more Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. Show less
CVE-2023-23698 1Dell 2Alienware Update Command Update Nov 21, 2024 Feb 10, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 Dell Command \| Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vul...Show more Dell Command \| Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete. Show less
CVE-2022-24410 1Dell 157Alienware 13 R2 Firmware Alienware 13 R3 FirmwareAlienware 15 R2 Firmware+154 more Nov 21, 2024 Feb 10, 2023 N/A· v4 4.2 MEDIUM· v3 N/A· v2 Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to re...Show more Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to read system information via debug interfaces. Show less

Previous 1...404142...76 Next