Filtered by vendor Dell
Subscribe
Total
1453 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33923 | 1 Dell | 10 Emc Powerstore 1200t, Emc Powerstore 1200t Firmware, Emc Powerstore 3200t and 7 more | 2024-11-21 | N/A | 6.4 MEDIUM |
|
Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.
|
|||||
| CVE-2022-33922 | 1 Dell | 1 Geodrive | 2024-11-21 | N/A | 7.0 HIGH |
|
Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell recommends customers to upgrade at the earliest opportunity.
|
|||||
| CVE-2022-33921 | 1 Dell | 1 Geodrive | 2024-11-21 | N/A | 7.0 HIGH |
|
Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.
|
|||||
| CVE-2022-33920 | 1 Dell | 1 Geodrive | 2024-11-21 | N/A | 7.8 HIGH |
|
Dell GeoDrive, versions prior to 2.2, contains an Unquoted File Path vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.
|
|||||
| CVE-2022-33919 | 1 Dell | 1 Geodrive | 2024-11-21 | N/A | 7.8 HIGH |
|
Dell GeoDrive, versions 2.1 - 2.2, contains an information disclosure vulnerability in GUI. An authenticated non-admin user could potentially exploit this vulnerability and view sensitive information.
|
|||||
| CVE-2022-33918 | 1 Dell | 1 Geodrive | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. An authenticated non-admin user could potentially exploit this vulnerability and gain access to sensitive information.
|
|||||
| CVE-2022-32498 | 1 Dell | 1 Powerstore Command Line Interface | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privileges, and bypass software allow list solutions, leading to system takeover or IP exposure.
|
|||||
| CVE-2022-32493 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 6.0 MEDIUM |
|
Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32492 | 1 Dell | 4 Bios, Precision 5820 Tower, Precision 7820 Tower and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32491 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 4.1 MEDIUM |
|
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM.
|
|||||
| CVE-2022-32490 | 1 Dell | 6 Edge Gateway 3000, Edge Gateway 3000 Firmware, Edge Gateway 5000 and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32489 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 8.2 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32488 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 8.2 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32487 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32486 | 1 Dell | 4 Bios, Precision 5820 Tower, Precision 7820 Tower and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32485 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32484 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 5.6 MEDIUM |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
|||||
| CVE-2022-32483 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 5.6 MEDIUM |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
|||||
| CVE-2022-32482 | 1 Dell | 378 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 375 more | 2024-11-21 | N/A | 5.6 MEDIUM |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
|||||
| CVE-2022-32481 | 1 Dell | 1 Powerprotect Cyber Recovery | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged authenticated user can chain docker commands to escalate privileges to root leading to complete system takeover.
|
|||||
| CVE-2022-32480 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure.
|
|||||
| CVE-2022-31239 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 6.7 MEDIUM |
|
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data.
|
|||||
| CVE-2022-31238 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. A CLI user may potentially exploit this vulnerability, leading to information disclosure.
|
|||||
| CVE-2022-31237 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 3.3 LOW |
|
Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure.
|
|||||
| CVE-2022-31234 | 1 Dell | 10 Emc Powerstore 1200t, Emc Powerstore 1200t Firmware, Emc Powerstore 3200t and 7 more | 2024-11-21 | N/A | 8.1 HIGH |
|
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is possible if weak passwords are used by users.
|
|||||
| CVE-2022-31233 | 1 Dell | 8 Evasa Provider Virtual Appliance, Powermax Os, Solutions Enabler and 5 more | 2024-11-21 | N/A | 6.3 MEDIUM |
|
Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.
|
|||||
| CVE-2022-31232 | 1 Dell | 1 Smartfabric Storage Software | 2024-11-21 | N/A | 8.6 HIGH |
|
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system.
|
|||||
| CVE-2022-31230 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 10.0 HIGH | 8.1 HIGH |
|
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access.
|
|||||
| CVE-2022-31228 | 1 Dell | 3 Xtremio Management Server, Xtremio X1, Xtremio X2 | 2024-11-21 | N/A | 8.1 HIGH |
|
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. A remote unauthenticated attacker can potentially exploit this vulnerability and gain access to an admin account.
|
|||||
| CVE-2022-31226 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 7.1 HIGH |
|
Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.
|
|||||
| CVE-2022-31225 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 3.0 LOW |
|
Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.
|
|||||
| CVE-2022-31224 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 2.0 LOW |
|
Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior of the system.
|
|||||
| CVE-2022-31223 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 2.3 LOW |
|
Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by sending unexpected null bytes in order to read memory on the system.
|
|||||
| CVE-2022-31222 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 2.3 LOW |
|
Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash.
|
|||||
| CVE-2022-31221 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 2.3 LOW |
|
Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order access sensitive state information on the system.
|
|||||
| CVE-2022-31220 | 1 Dell | 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more | 2024-11-21 | N/A | 3.0 LOW |
|
Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.
|
|||||
| CVE-2022-29097 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
|
|||||
| CVE-2022-29096 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 3.5 LOW | 6.1 MEDIUM |
|
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
|
|||||
| CVE-2022-29095 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | 7.6 HIGH | 8.3 HIGH |
|
Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripting vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability under specific conditions leading to execution of malicious code on a vulnerable system.
|
|||||
| CVE-2022-29094 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite vulnerability. Authenticated non-admin user could exploit the issue and delete or overwrite arbitrary files on the system.
|
|||||