Filtered by vendor Dell
Subscribe
Total
960 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25540 | 1 Dell | 1 Emc Powerscale Onefs | 2023-11-07 | N/A | 7.1 HIGH |
| Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service. | |||||
| CVE-2023-25536 | 1 Dell | 1 Powerscale Onefs | 2023-11-07 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover. | |||||
| CVE-2023-24576 | 1 Dell | 1 Emc Networker | 2023-11-07 | N/A | 9.8 CRITICAL |
| EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used. | |||||
| CVE-2023-24575 | 1 Dell | 1 Multifunction Printer E525w Driver And Software Suite | 2023-11-07 | N/A | 7.8 HIGH |
| Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system | |||||
| CVE-2023-24574 | 1 Dell | 1 Enterprise Sonic Distribution | 2023-11-07 | N/A | 7.5 HIGH |
| Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users. | |||||
| CVE-2023-24573 | 1 Dell | 1 Command \| Monitor | 2023-11-07 | N/A | 7.1 HIGH |
| Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | |||||
| CVE-2023-24572 | 1 Dell | 1 Command \| Integration Suite For System Center | 2023-11-07 | N/A | 3.3 LOW |
| Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | |||||
| CVE-2023-24571 | 1 Dell | 2 Embedded Box Pc 3000, Embedded Box Pc 3000 Firmware | 2023-11-07 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution. | |||||
| CVE-2023-24569 | 1 Dell | 1 Alienware Command Center | 2023-11-07 | N/A | 7.8 HIGH |
| Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. | |||||
| CVE-2023-24567 | 1 Dell | 1 Emc Networker | 2023-11-07 | N/A | 6.5 MEDIUM |
| Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. | |||||
| CVE-2023-23698 | 1 Dell | 2 Alienware Update, Command Update | 2023-11-07 | N/A | 7.1 HIGH |
| Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete. | |||||
| CVE-2023-23697 | 1 Dell | 1 Command \| Intel Vpro Out Of Band | 2023-11-07 | N/A | 3.3 LOW |
| Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. | |||||
| CVE-2023-23696 | 1 Dell | 1 Command \| Intel Vpro Out Of Band | 2023-11-07 | N/A | 7.8 HIGH |
| Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system. | |||||
| CVE-2023-23695 | 1 Dell | 1 Secure Connect Gateway | 2023-11-07 | N/A | 5.9 MEDIUM |
| Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. | |||||
| CVE-2023-23692 | 1 Dell | 1 Emc Data Domain Os | 2023-11-07 | N/A | 8.8 HIGH |
| Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. | |||||
| CVE-2023-23691 | 1 Dell | 6 Powervault Me5012, Powervault Me5012 Firmware, Powervault Me5024 and 3 more | 2023-11-07 | N/A | 8.8 HIGH |
| Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim's browser to desynchronize its connection with the website, typically leading to XSS and DoS. | |||||
| CVE-2023-23690 | 1 Dell | 1 Cloud Mobility For Dell Emc Storage | 2023-11-07 | N/A | 7.0 HIGH |
| Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attacker could perform a man-in-the-middle attack and eavesdrop on encrypted communications from Cloud Mobility to Cloud Storage devices. Exploitation could lead to the compromise of secret and sensitive information, cloud storage connection downtime, and the integrity of the connection to the Cloud devices. | |||||
| CVE-2023-23689 | 1 Dell | 16 A200, A2000, A2000 Firmware and 13 more | 2023-11-07 | N/A | 7.5 HIGH |
| Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service. | |||||
| CVE-2023-22575 | 1 Dell | 1 Emc Powerscale Onefs | 2023-11-07 | N/A | 8.8 HIGH |
| Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges. | |||||
| CVE-2023-22574 | 1 Dell | 1 Emc Powerscale Onefs | 2023-11-07 | N/A | 8.1 HIGH |
| Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service. | |||||