Filtered by vendor Dell
Subscribe
Total
1453 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46362 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | N/A | 6.6 MEDIUM |
|
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering.
|
|||||
| CVE-2025-46367 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | N/A | 7.8 HIGH |
|
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Detection of Error Condition Without Action vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary Code Execution.
|
|||||
| CVE-2025-46368 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | N/A | 6.6 MEDIUM |
|
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.
|
|||||
| CVE-2025-46369 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | N/A | 7.8 HIGH |
|
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation.
|
|||||
| CVE-2025-46370 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | N/A | 3.3 LOW |
|
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Process Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure.
|
|||||
| CVE-2025-46430 | 1 Dell | 1 Display And Peripheral Manager | 2025-11-12 | N/A | 7.3 HIGH |
|
Dell Display and Peripheral Manager, versions prior to 2.1.2.12, contains an Execution with Unnecessary Privileges vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
|
|||||
| CVE-2025-36592 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-11-10 | N/A | 5.4 MEDIUM |
|
Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
|
|||||
| CVE-2020-11899 | 2 Dell, Treck | 7 Wyse 5030, Wyse 5030 Firmware, Wyse 5050 All-in-one and 4 more | 2025-11-07 | 4.8 MEDIUM | 5.4 MEDIUM |
|
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
|
|||||
| CVE-2025-30479 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 8.4 HIGH |
|
Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system.
|
|||||
| CVE-2025-46424 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 6.7 MEDIUM |
|
Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service.
|
|||||
| CVE-2025-46366 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 6.7 MEDIUM |
|
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information.
|
|||||
| CVE-2025-46365 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 5.3 MEDIUM |
|
Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink.
|
|||||
| CVE-2025-46364 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 9.1 CRITICAL |
|
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system.
|
|||||
| CVE-2025-45379 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 8.4 HIGH |
|
Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system.
|
|||||
| CVE-2025-45378 | 1 Dell | 1 Cloudlink | 2025-11-07 | N/A | 9.1 CRITICAL |
|
Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system.
If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password.
|
|||||
| CVE-2025-46422 | 1 Dell | 1 Unity Operating Environment | 2025-11-07 | N/A | 7.8 HIGH |
|
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
|
|||||
| CVE-2025-43942 | 1 Dell | 1 Unity Operating Environment | 2025-11-07 | N/A | 7.8 HIGH |
|
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
|
|||||
| CVE-2025-46423 | 1 Dell | 1 Unity Operating Environment | 2025-11-07 | N/A | 7.8 HIGH |
|
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
|
|||||
| CVE-2019-3728 | 1 Dell | 3 Bsafe Crypto-c, Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite | 2025-11-04 | 5.0 MEDIUM | 7.5 HIGH |
|
RSA BSAFE Crypto-C Micro Edition versions from 4.0.0.0 before 4.0.5.4 and from 4.1.0 before 4.1.4, RSA BSAFE Micro Edition Suite versions from 4.0.0 before 4.0.13 and from 4.1.0 before 4.4 and RSA Crypto-C versions from 6.0.0 through 6.4.* are vulnerable to an out-of-bounds read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system.
|
|||||
| CVE-2025-22476 | 1 Dell | 1 Storage Manager | 2025-11-04 | N/A | 5.5 MEDIUM |
|
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Remote execution.
|
|||||
| CVE-2025-43726 | 1 Dell | 1 Alienware Command Center | 2025-11-04 | N/A | 6.7 MEDIUM |
|
Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0, contains an Improper Link Resolution Before File Access ('Link Following')" vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
|
|||||
| CVE-2025-43725 | 1 Dell | 1 Powerprotect Data Manager | 2025-11-04 | N/A | 7.8 HIGH |
|
Dell PowerProtect Data Manager, Generic Application Agent, version(s) 19.19 and 19.20, contain(s) an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
|
|||||
| CVE-2025-43991 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2025-11-04 | N/A | 6.3 MEDIUM |
|
SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link (Symlink) following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrary files only in that affected system.
|
|||||
| CVE-2025-46602 | 1 Dell | 1 Supportassist Os Recovery | 2025-11-04 | N/A | 4.4 MEDIUM |
|
Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
|
|||||
| CVE-2025-43995 | 1 Dell | 1 Storage Manager | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Authentication Bypass in DSM Data Collector. An unauthenticated remote attacker can access APIs exposed by ApiProxy.war in DataCollectorEar.ear by using a special SessionKey and UserId. These userid are special users created in compellentservicesapi ...
Show More |
|||||
| CVE-2025-43994 | 1 Dell | 1 Storage Manager | 2025-11-04 | N/A | 8.6 HIGH |
|
Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
|
|||||
| CVE-2025-46425 | 1 Dell | 1 Storage Manager | 2025-11-04 | N/A | 6.5 MEDIUM |
|
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
|
|||||
| CVE-2025-43941 | 1 Dell | 1 Unity Operating Environment | 2025-11-03 | N/A | 7.2 HIGH |
|
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary command with root privileges. This vulnerability only affects systems without a valid license install.
|
|||||
| CVE-2025-43940 | 1 Dell | 1 Unity Operating Environment | 2025-11-03 | N/A | 7.8 HIGH |
|
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
|
|||||
| CVE-2025-43939 | 1 Dell | 1 Unity Operating Environment | 2025-11-03 | N/A | 7.8 HIGH |
|
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
|
|||||
| CVE-2025-30475 | 1 Dell | 1 Insightiq | 2025-10-30 | N/A | 8.1 HIGH |
|
Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an improper privilege management vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to elevation of privileges.
|
|||||
| CVE-2025-30476 | 1 Dell | 1 Insightiq | 2025-10-30 | N/A | 5.3 MEDIUM |
|
Dell PowerScale InsightIQ, version 5.2, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
|
|||||
| CVE-2025-45376 | 1 Dell | 1 Repository Manager | 2025-10-29 | N/A | 7.5 HIGH |
|
Dell Repository Manager (DRM), versions 3.4.7 and 3.4.8, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2021-21551 | 1 Dell | 568 Alienware 14, Alienware 17 51m R2, Alienware Area 51 and 565 more | 2025-10-28 | 4.6 MEDIUM | 8.8 HIGH |
|
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
|
|||||
| CVE-2025-43885 | 1 Dell | 1 Powerprotect Data Manager | 2025-10-20 | N/A | 7.8 HIGH |
|
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
|
|||||
| CVE-2025-43886 | 1 Dell | 1 Powerprotect Data Manager | 2025-10-20 | N/A | 4.4 MEDIUM |
|
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Path Traversal: '.../...//' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.
|
|||||
| CVE-2025-43887 | 1 Dell | 1 Powerprotect Data Manager | 2025-10-20 | N/A | 7.0 HIGH |
|
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2025-43888 | 1 Dell | 1 Powerprotect Data Manager | 2025-10-20 | N/A | 8.8 HIGH |
|
Dell PowerProtect Data Manager, Hyper-V, version(s) 19.19 and 19.20, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
|
|||||
| CVE-2025-43938 | 1 Dell | 1 Powerprotect Data Manager | 2025-10-20 | N/A | 5.0 MEDIUM |
|
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to gain unauthorized access with privileges of the compromised account.
|
|||||
| CVE-2025-30098 | 1 Dell | 1 Data Domain Operating System | 2025-10-16 | N/A | 6.7 MEDIUM |
|
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root priv ...
Show More |
|||||