Latest Dell Vulnerabilities

CVE-2024-37126
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to...
Dell PowerScale OneFS>=8.2.2<9.7.1.0
Dell PowerScale OneFS=9.8.0.0
CVE-2024-37134
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain roo...
Dell PowerScale OneFS>=8.2.2<9.5.1.0
Dell PowerScale OneFS>=9.6.0<9.7.1.0
Dell PowerScale OneFS=9.8.0.0
CVE-2024-37133
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to...
Dell PowerScale OneFS>=8.2.2<9.4.0.18
Dell PowerScale OneFS>=9.5.0.0<9.5.1.0
Dell PowerScale OneFS>=9.6.0<9.7.1.0
Dell PowerScale OneFS=9.8.0.0
CVE-2024-37132
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A high privileged attacker with local access could potentially exploit this vulnerabilit...
Dell PowerScale OneFS>=8.2.2<9.5.1.0
Dell PowerScale OneFS>=9.6.0<9.7.1.0
Dell PowerScale OneFS=9.8.0.0
CVE-2024-32854
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to ...
Dell PowerScale OneFS>=8.2.2<9.5.1.0
Dell PowerScale OneFS>=9.6.0<9.7.1.0
Dell PowerScale OneFS=9.8.0.0
CVE-2024-32853
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary privileges vulnerability. A local low privileged attacker could potentially exploit this vulnerability, lea...
Dell PowerScale OneFS>=8.2.2<9.4.0.18
Dell PowerScale OneFS>=9.5.0.0<9.5.1.0
Dell PowerScale OneFS>=9.6.0<9.7.1.0
CVE-2024-32852
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky cryptographic algorithm vulnerability. An unprivileged network malicious attacker could potentially exploit this...
Dell PowerScale OneFS>=8.2.0<9.5.1.0
Dell PowerScale OneFS>=9.6.0<9.7.1.0
CVE-2024-28979
Dell OpenManage Enterprise, versions prior to 4.1.0, contains an XSS injection vulnerability in UI. A high privileged local attacker could potentially exploit this vulnerability, leading to JavaScript...
Dell OpenManage Enterprise<4.1.0
CVE-2024-28978
Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unautho...
Dell OpenManage Enterprise=3.10
Dell OpenManage Enterprise=4.0
CVE-2024-22445
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leadin...
Dell PowerProtect Data Manager<=19.15
CVE-2024-22454
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this ...
Dell PowerProtect Data Manager<=19.15
CVE-2024-22223
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious user with local access could potentially exploit this vulnerab...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-22222
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_udoctor utility. An authenticated malicious user with local access could potentially exploit this vuln...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-22221
Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. An authenticated attacker could potentially exploit this vulnerability, leading to exposure of sensitive information.
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-22226
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its svc_supportassist utility. An authenticated attacker could potentially exploit this vulnerability, to gain unauthorize...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-22224
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restrict...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-0164
Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ex...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-0165
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to exe...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-0167
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the a...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-0168
Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-0169
Dell Unity, versions prior to 5.4, contains a cross-site scripting (XSS) vulnerability. An authenticated attacker could potentially exploit this vulnerability, leading users to download and execute m...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2024-0170
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restric...
Dell Unity Operating Environment<5.4.0.0.5.094
CVE-2023-28077
Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a local...
Dell BSAFE SSL-J>=6.0<6.5.1
Dell BSAFE SSL-J>=7.0<7.1.1
CVE-2024-22464
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote att...
DELL EMC AppSync>=4.2.0.0<4.6.0.2
CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-defaul...
Dell Encryption<11.9.0
Dell Endpoint Security Suite Enterprise<11.9.0
Dell Security Management Server<11.9.0
Microsoft Windows
CVE-2023-32454
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary...
Dell Update Package Framework<=4.9.4.36
CVE-2023-32474
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during...
Dell Display Manager<2.1.1.21
CVE-2023-32451
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation
Dell Display Manager<2.1.1.21
CVE-2023-28063
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of s...
Dell Optiplex 3000 Micro Firmware
Dell Optiplex 3000 Micro
Dell Optiplex 3000 Small Form Factor Firmware
Dell Optiplex 3000 Small Form Factor
Dell Optiplex 3000 Tower Firmware
Dell Optiplex 3000 Tower
and 576 more
CVE-2023-28049
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privile...
Dell Command \| Monitor<10.9.1
CVE-2023-25543
Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to el...
Dell Power Manager<3.14
CVE-2020-29504
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability.
Dell Bsafe Crypto-c-micro-edition<4.1.5
Dell Bsafe Micro-edition-suite<4.5.2
CVE-2021-21575
Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.
Dell Bsafe Micro-edition-suite<4.5.2
CVE-2022-34381
Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote at...
Dell BSAFE SSL-J<6.5
Dell BSAFE SSL-J=7.0
Dell BSAFE Crypto-J<6.2.6.1
CVE-2024-22433
Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. A remote unauthorized unauthenticated attacker c...
Dell Data Protection Search>=19.2.0<19.6.4
CVE-2024-22430
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions vulnerability. A local low privileges malicious user could potentially exploit this vulnerability, leadi...
Dell PowerScale OneFS>=8.2.0<9.6.1
CVE-2024-22449
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vuln...
Dell PowerScale OneFS>=9.0.0<9.6.1
CVE-2024-22432
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker ...
Dell NetWorker<=19.9
CVE-2024-22229
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. An attacker could exploit this vulnerability to forge log entries, create ...
Dell Unity Operating Environment=5.3.0.0.5.120
Dell Unity Xt Operating Environment=5.3.0.0.5.120
Dell Unityvsa Operating Environment=5.3.0.0.5.120
CVE-2023-44281
Dell Pair Installer version prior to 1.2.1 contains an elevation of privilege vulnerability. A low privilege user with local access to the system could potentially exploit this vulnerability to delet...
Dell Pair<1.2.1
CVE-2024-22428
Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code...
Dell EMC iDRAC Service Module<=5.2.0.0
CVE-2023-43088
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to exec...
Dell Precision 7865 Tower Firmware<1.5.0
Dell Precision 7865 Tower
CVE-2023-39251
Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.
Dell Inspiron 7510 Firmware<1.20.0
Dell Inspiron 7510
Dell Inspiron 7610 Firmware<1.20.0
Dell Inspiron 7610
Dell Latitude 5430 Rugged Firmware<1.23.0
Dell Latitude 5430 Rugged
and 20 more
CVE-2023-48670
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit ...
Dell SupportAssist for Home PCs=3.14.2.45116
CVE-2023-28053
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vu...
Dell EMC Networker<19.8.0.4
Dell EMC Networker>=19.9<19.9.0.3
CVE-2023-48671
Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. A remote attacker could potentially exploit this vulnerability leading to obtain sensitive information th...
Dell Solutions Enabler Virtual Appliance<9.2.4.5
Dell Unisphere For Powermax Virtual Appliance<9.2.4.7
Dell Powermax Os=5978
CVE-2023-48665
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execut...
Dell Solutions Enabler Virtual Appliance<9.2.4.5
Dell Unisphere For Powermax Virtual Appliance<9.2.4.7
Dell Powermax Os=5978
CVE-2023-48664
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execut...
Dell Solutions Enabler Virtual Appliance<9.2.4.5
Dell Unisphere For Powermax Virtual Appliance<9.2.4.7
Dell Powermax Os=5978
CVE-2023-48663
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execut...
Dell Solutions Enabler Virtual Appliance<9.2.4.5
Dell Unisphere For Powermax Virtual Appliance<9.2.4.7
Dell Powermax Os=5978
CVE-2023-48662
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execut...
Dell Solutions Enabler Virtual Appliance<9.2.4.5
Dell Unisphere For Powermax Virtual Appliance<9.2.4.7
Dell Powermax Os=5978

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203