Filtered by vendor Dell
Subscribe
Total
956 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-4401 | 1 Dell | 1 Smartfabric Storage Software | 2023-12-10 | N/A | 8.8 HIGH |
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access. | |||||
CVE-2023-32485 | 1 Dell | 1 Smartfabric Storage Software | 2023-12-10 | N/A | 9.8 CRITICAL |
Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity. | |||||
CVE-2023-28075 | 1 Dell | 484 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 481 more | 2023-12-10 | N/A | 6.3 MEDIUM |
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. | |||||
CVE-2023-32482 | 1 Dell | 1 Wyse Management Suite | 2023-12-10 | N/A | 4.9 MEDIUM |
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group. | |||||
CVE-2023-32490 | 1 Dell | 1 Powerscale Onefs | 2023-12-10 | N/A | 6.7 MEDIUM |
Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. | |||||
CVE-2023-39252 | 1 Dell | 1 Secure Connect Gateway Policy Manager | 2023-12-10 | N/A | 5.9 MEDIUM |
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. | |||||
CVE-2023-32457 | 1 Dell | 1 Powerscale Onefs | 2023-12-10 | N/A | 8.8 HIGH |
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges. | |||||
CVE-2023-32489 | 1 Dell | 1 Powerscale Onefs | 2023-12-10 | N/A | 6.7 MEDIUM |
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. | |||||
CVE-2023-3039 | 1 Dell | 1 Sd Rom Utility | 2023-12-10 | N/A | 7.8 HIGH |
SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. | |||||
CVE-2023-43070 | 1 Dell | 1 Smartfabric Storage Software | 2023-12-10 | N/A | 6.5 MEDIUM |
Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. A remote authenticated attacker could potentially exploit this vulnerability, leading to modify or write arbitrary files to arbitrary locations in the license container. | |||||
CVE-2023-43065 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2023-12-10 | N/A | 5.4 MEDIUM |
Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these issues to obtain escalated privileges. | |||||
CVE-2023-43067 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2023-12-10 | N/A | 6.5 MEDIUM |
Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vulnerability disclosing local files in the file system. | |||||
CVE-2023-32461 | 1 Dell | 104 Emc Xc Core Xc450, Emc Xc Core Xc450 Firmware, Emc Xc Core Xc650 and 101 more | 2023-12-10 | N/A | 6.7 MEDIUM |
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges. | |||||
CVE-2023-43071 | 1 Dell | 1 Smartfabric Storage Software | 2023-12-10 | N/A | 5.4 MEDIUM |
Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks. | |||||
CVE-2023-4129 | 1 Dell | 1 Data Protection Central | 2023-12-10 | N/A | 7.5 HIGH |
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext. | |||||
CVE-2023-32487 | 1 Dell | 1 Powerscale Onefs | 2023-12-10 | N/A | 7.8 HIGH |
Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. | |||||
CVE-2023-32470 | 1 Dell | 1 Digital Delivery | 2023-12-10 | N/A | 5.5 MEDIUM |
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). | |||||
CVE-2023-43073 | 1 Dell | 1 Smartfabric Storage Software | 2023-12-10 | N/A | 6.5 MEDIUM |
Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data. | |||||
CVE-2023-32481 | 1 Dell | 1 Wyse Management Suite | 2023-12-10 | N/A | 6.5 MEDIUM |
Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system. | |||||
CVE-2023-28036 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2023-12-10 | N/A | 6.7 MEDIUM |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |