Filtered by vendor Dell
Subscriptions
Total
1535 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22266 | 1 Dell | 1 Powerprotect Data Manager | 2026-04-18 | 4.7 Medium |
| Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass. | ||||
| CVE-2026-21420 | 1 Dell | 1 Repository Manager | 2026-04-18 | 7.3 High |
| Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges. | ||||
| CVE-2026-22278 | 1 Dell | 1 Powerscale Onefs | 2026-04-18 | 8.1 High |
| Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2026-22271 | 1 Dell | 3 Ecs Streamer, Elastic Cloud Storage, Objectscale | 2026-04-18 | 7.5 High |
| Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information exposure. | ||||
| CVE-2026-22273 | 1 Dell | 2 Elastic Cloud Storage, Objectscale | 2026-04-18 | 8.8 High |
| Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Use of Default Credentials vulnerability in the OS. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2026-22274 | 1 Dell | 3 Ecs Streamer, Elastic Cloud Storage, Objectscale | 2026-04-18 | 6.5 Medium |
| Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated attacker with remote access could potentially exploit this vulnerability to intercept and modify information in transit. | ||||
| CVE-2026-22276 | 1 Dell | 3 Ecs Streamer, Elastic Cloud Storage, Objectscale | 2026-04-18 | 5.5 Medium |
| Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Storage of Sensitive Information vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2026-21418 | 1 Dell | 2 Unity, Unity Operating Environment | 2026-04-18 | 7.8 High |
| Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | ||||
| CVE-2026-21419 | 1 Dell | 1 Display And Peripheral Manager | 2026-04-17 | 6.6 Medium |
| Dell Display and Peripheral Manager (Windows) versions prior to 2.2 contain an Improper Link Resolution Before File Access ('Link Following') vulnerability in the Installer and Service. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges | ||||
| CVE-2026-23857 | 1 Dell | 2 Update Package, Update Package Framework | 2026-04-17 | 8.2 High |
| Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2026-23861 | 1 Dell | 1 Unisphere For Powermax | 2026-04-17 | 5.4 Medium |
| Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | ||||
| CVE-2026-22284 | 1 Dell | 2 Smartfabric Os10, Smartfabric Os10 Software | 2026-04-17 | 6.6 Medium |
| Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2026-22762 | 1 Dell | 3 Avamar Server, Avamar Virtual Edition, Powerprotect Dp Series Appliance (idpa) | 2026-04-17 | 6.5 Medium |
| Dell Avamar Server and Avamar Virtual Edition, versions prior to 19.10 SP1 with CHF338912, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary file delete. | ||||
| CVE-2026-26361 | 1 Dell | 2 Powermax Os, Unisphere For Powermax | 2026-04-17 | 6.5 Medium |
| Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2026-26362 | 1 Dell | 2 Powermax Os, Unisphere For Powermax | 2026-04-17 | 8.1 High |
| Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files. | ||||
| CVE-2026-26359 | 1 Dell | 2 Powermax Os, Unisphere For Powermax | 2026-04-17 | 8.8 High |
| Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files. | ||||
| CVE-2026-22268 | 1 Dell | 1 Powerprotect Data Manager | 2026-04-17 | 6.3 Medium |
| Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service of a Dell Enterprise Support connection. | ||||
| CVE-2026-22267 | 1 Dell | 1 Powerprotect Data Manager | 2026-04-17 | 8.1 High |
| Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2026-23858 | 1 Dell | 1 Wyse Management Suite | 2026-04-17 | 5.4 Medium |
| Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection. | ||||
| CVE-2026-23859 | 1 Dell | 1 Wyse Management Suite | 2026-04-17 | 2.7 Low |
| Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass. | ||||