Filtered by vendor Dell
Subscribe
Total
1453 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-22397 | 1 Dell | 4 Idrac10, Idrac10 Firmware, Idrac9 and 1 more | 2026-01-21 | N/A | 6.7 MEDIUM |
|
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
|
|||||
| CVE-2025-46603 | 1 Dell | 1 Cloudboost Virtual Appliance | 2026-01-16 | N/A | 7.0 HIGH |
|
Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction of Excessive Authentication Attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.
|
|||||
| CVE-2024-48014 | 1 Dell | 1 Bsafe Micro-edition-suite | 2026-01-16 | N/A | 7.5 HIGH |
|
Dell BSAFE Micro Edition Suite, versions prior to 5.0.2.3 contain an Out-of-bounds Write vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
|
|||||
| CVE-2025-26333 | 1 Dell | 1 Bsafe Crypto-j | 2026-01-16 | N/A | 5.9 MEDIUM |
|
Dell BSAFE Crypto-J generates an error message that includes sensitive information about its environment and associated data. A remote attacker could potentially exploit this vulnerability, leading to information exposure.
|
|||||
| CVE-2025-43993 | 1 Dell | 28 Latitude 5350, Latitude 5350 Firmware, Latitude 5550 and 25 more | 2026-01-16 | N/A | 7.8 HIGH |
|
Dell Wireless 5932e and Qualcomm Snapdragon X62 Firmware and GNSS/GPS Driver, versions prior to 3.2.0.22 contain an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code Execution.
|
|||||
| CVE-2025-43943 | 1 Dell | 1 Cloud Disaster Recovery | 2026-01-16 | N/A | 6.7 MEDIUM |
|
Dell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
|
|||||
| CVE-2025-26482 | 1 Dell | 224 Dss 8440, Dss 8440 Firmware, Emc Nx440 and 221 more | 2026-01-16 | N/A | 4.9 MEDIUM |
|
Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.
|
|||||
| CVE-2025-36599 | 1 Dell | 1 Powerflex Manager | 2026-01-16 | N/A | 4.3 MEDIUM |
|
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the system with privileges of the compromised account.
|
|||||
| CVE-2025-36564 | 1 Dell | 1 Encryption | 2026-01-15 | N/A | 7.8 HIGH |
|
Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.
|
|||||
| CVE-2025-43728 | 1 Dell | 33 Latitude 3330, Latitude 3420, Latitude 3440 and 30 more | 2026-01-15 | N/A | 9.6 CRITICAL |
|
Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass.
|
|||||
| CVE-2025-43729 | 1 Dell | 33 Latitude 3330, Latitude 3420, Latitude 3440 and 30 more | 2026-01-15 | N/A | 7.8 HIGH |
|
Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthorized Access.
|
|||||
| CVE-2025-43730 | 1 Dell | 33 Latitude 3330, Latitude 3420, Latitude 3440 and 30 more | 2026-01-15 | N/A | 8.4 HIGH |
|
Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A local unauthenticated user could potentially exploit this vulnerability leading to Elevation of Privileges and Information disclosure.
|
|||||
| CVE-2025-43882 | 1 Dell | 33 Latitude 3330, Latitude 3420, Latitude 3440 and 30 more | 2026-01-15 | N/A | 7.8 HIGH |
|
Dell ThinOS 10, versions prior to 2508_10.0127, contains an Unverified Ownership vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Unauthorized Access.
|
|||||
| CVE-2025-36595 | 1 Dell | 2 Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2026-01-14 | N/A | 7.2 HIGH |
|
Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
|
|||||
| CVE-2025-36593 | 1 Dell | 1 Openmanage Network Integration | 2026-01-14 | N/A | 8.8 HIGH |
|
Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed authentication request.
|
|||||
| CVE-2025-36611 | 1 Dell | 2 Encryption, Security Management Server | 2026-01-14 | N/A | 7.3 HIGH |
|
Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link Following') Vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.
|
|||||
| CVE-2025-26332 | 1 Dell | 3 Techadvisor, Xtremio Management Server, Xtremio X2 | 2026-01-14 | N/A | 8.8 HIGH |
|
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
|
|||||
| CVE-2025-30105 | 1 Dell | 3 Techadvisor, Xtremio Management Server, Xtremio X2 | 2026-01-14 | N/A | 8.8 HIGH |
|
Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
|
|||||
| CVE-2025-26476 | 1 Dell | 2 Elastic Cloud Storage, Objectscale | 2026-01-14 | N/A | 8.4 HIGH |
|
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
|
|||||
| CVE-2025-38741 | 1 Dell | 1 Enterprise Sonic Os | 2026-01-14 | N/A | 7.5 HIGH |
|
Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication.
|
|||||
| CVE-2025-36581 | 1 Dell | 6 Poweredge R6415, Poweredge R6415 Firmware, Poweredge R7415 and 3 more | 2026-01-14 | N/A | 3.8 LOW |
|
Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
|
|||||
| CVE-2025-26335 | 1 Dell | 1 Powerprotect Cyber Recovery | 2026-01-14 | N/A | 5.8 MEDIUM |
|
Dell PowerProtect Cyber Recovery, versions prior to 19.18.0.2, contains an Insertion of Sensitive Information Into Sent Data vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
|
|||||
| CVE-2025-30100 | 1 Dell | 1 Alienware Command Center | 2026-01-14 | N/A | 6.7 MEDIUM |
|
Dell Alienware Command Center 6.x, versions prior to 6.7.37.0 contain an Improper Access Control Vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2025-36573 | 1 Dell | 4 Pro Smart Dock Sd25, Pro Smart Dock Sd25 Firmware, Pro Thunderbolt 4 Smart Dock Sd25tb4 and 1 more | 2026-01-13 | N/A | 7.1 HIGH |
|
Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure.
|
|||||
| CVE-2025-27689 | 1 Dell | 1 Idrac Tools | 2026-01-13 | N/A | 7.8 HIGH |
|
Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2025-27686 | 1 Dell | 1 Unisphere For Powermax | 2026-01-12 | N/A | 2.7 LOW |
|
Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
|
|||||
| CVE-2025-29988 | 1 Dell | 522 14 Plus 2-in-1 Db04250, 14 Plus 2-in-1 Db04250 Firmware, 14 Plus Db14250 and 519 more | 2026-01-12 | N/A | 6.9 MEDIUM |
|
Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.
|
|||||
| CVE-2024-39580 | 1 Dell | 1 Insightiq | 2025-12-31 | N/A | 6.7 MEDIUM |
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2024-39581 | 1 Dell | 1 Insightiq | 2025-12-31 | N/A | 7.3 HIGH |
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files.
|
|||||
| CVE-2024-39582 | 1 Dell | 1 Insightiq | 2025-12-31 | N/A | 2.3 LOW |
|
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
|
|||||
| CVE-2024-39583 | 1 Dell | 1 Insightiq | 2025-12-31 | N/A | 8.1 HIGH |
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2025-46637 | 1 Dell | 1 Encryption | 2025-12-10 | N/A | 7.3 HIGH |
|
Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2025-46636 | 1 Dell | 1 Encryption | 2025-12-10 | N/A | 6.6 MEDIUM |
|
Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.
|
|||||
| CVE-2025-22399 | 1 Dell | 1 Utility Configuration Collector Edge | 2025-12-06 | N/A | 7.9 HIGH |
|
Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery
|
|||||
| CVE-2025-21103 | 1 Dell | 1 Networker | 2025-12-06 | N/A | 7.8 HIGH |
|
Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization of server-side vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability and run arbitrary code on the server.
|
|||||
| CVE-2025-46608 | 1 Dell | 1 Data Lakehouse | 2025-12-05 | N/A | 9.1 CRITICAL |
|
Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data. Dell recommends customers upgrade to the latest version at the earliest opportunity.
|
|||||
| CVE-2024-52541 | 1 Dell | 784 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 781 more | 2025-12-01 | N/A | 8.2 HIGH |
|
Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
|
|||||
| CVE-2024-48829 | 1 Dell | 1 Smartfabric Os10 | 2025-11-17 | N/A | 6.7 MEDIUM |
|
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
|
|||||
| CVE-2025-46427 | 1 Dell | 1 Smartfabric Os10 | 2025-11-17 | N/A | 8.8 HIGH |
|
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
|
|||||
| CVE-2025-46428 | 1 Dell | 1 Smartfabric Os10 | 2025-11-17 | N/A | 8.8 HIGH |
|
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
|
|||||