Filtered by vendor Dell
Subscriptions
Total
1332 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30105 | 1 Dell | 1 Xtremio X2 | 2025-08-05 | 8.8 High |
| Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | ||||
| CVE-2025-36611 | 1 Dell | 2 Encryption, Security Management Server | 2025-08-05 | 7.3 High |
| Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link Following') Vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation. | ||||
| CVE-2024-52538 | 1 Dell | 2 Avamar Data Store, Avamar Server | 2025-08-04 | 7.6 High |
| Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. | ||||
| CVE-2024-47977 | 1 Dell | 2 Avamar Data Store, Avamar Server | 2025-08-04 | 7.1 High |
| Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2024-47484 | 1 Dell | 2 Avamar Data Store, Avamar Server | 2025-08-04 | 8.2 High |
| Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2025-30483 | 1 Dell | 2 Elastic Cloud Storage, Objectscale | 2025-08-02 | 5.5 Medium |
| Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-26477 | 1 Dell | 2 Elastic Cloud Storage, Objectscale | 2025-08-01 | 4.3 Medium |
| Dell ECS version 3.8.1.4 and prior contain an Improper Input Validation vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2025-26478 | 1 Dell | 2 Elastic Cloud Storage, Objectscale | 2025-08-01 | 3.1 Low |
| Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-21106 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2025-07-31 | 5.5 Medium |
| Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system. | ||||
| CVE-2025-21105 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2025-07-31 | 6.6 Medium |
| Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain access to unauthorized data. | ||||
| CVE-2020-11899 | 2 Dell, Treck | 7 Wyse 5030, Wyse 5030 Firmware, Wyse 5050 All-in-one and 4 more | 2025-07-30 | 5.4 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | ||||
| CVE-2021-21551 | 1 Dell | 568 Alienware 14, Alienware 17 51m R2, Alienware Area 51 and 565 more | 2025-07-30 | 8.8 High |
| Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. | ||||
| CVE-2025-23378 | 1 Dell | 1 Powerscale Onefs | 2025-07-15 | 3.3 Low |
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. | ||||
| CVE-2025-26330 | 1 Dell | 1 Powerscale Onefs | 2025-07-15 | 7 High |
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account. | ||||
| CVE-2025-22471 | 1 Dell | 1 Powerscale Onefs | 2025-07-15 | 6.5 Medium |
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2025-26479 | 1 Dell | 1 Powerscale Onefs | 2025-07-15 | 3.1 Low |
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues. | ||||
| CVE-2025-29985 | 1 Dell | 1 Common Event Enabler | 2025-07-15 | 6.5 Medium |
| Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Initialization of a Resource with an Insecure Default vulnerability in the Common Anti-Virus Agent (CAVA). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2025-29986 | 1 Dell | 1 Common Event Enabler | 2025-07-15 | 8.3 High |
| Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Common Anti-Virus Agent (CAVA). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2025-22473 | 1 Dell | 1 Smartfabric Os10 | 2025-07-14 | 7.8 High |
| Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2025-22472 | 1 Dell | 1 Smartfabric Os10 | 2025-07-14 | 7.8 High |
| Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of commands with elevated privileges. | ||||