VYPR

Powerscale Onefs

by Dell

CVEs (178)

  • CVE-2025-43723Nov 10, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to…

  • CVE-2025-43724Oct 8, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares.

  • CVE-2025-36601Sep 25, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to Information disclosure.

  • CVE-2025-43722Sep 8, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

  • CVE-2025-30477Jul 21, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

  • CVE-2024-53298Jun 20, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains a missing authorization vulnerability in the NFS export. An unauthenticated attacker with remote access could potentially exploit this vulnerability leading to unauthorized filesystem access. The attacker may be…

  • CVE-2025-32753Jun 20, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains an improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial…

  • CVE-2025-26481May 15, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2025-30101May 8, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.

  • CVE-2025-30102May 8, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2025-26479Apr 10, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.

  • CVE-2025-23378Apr 10, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.

  • CVE-2025-26480Apr 10, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.0, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2025-22471Apr 10, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2025-26330Apr 10, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account.

  • CVE-2025-27690Apr 10, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account.

  • CVE-2024-47239Jan 8, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2024-47475Jan 6, 2025
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2024-42426Dec 9, 2024
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource consumption vulnerability. A low privilege remote attacker could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2024-49603Dec 9, 2024
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.

Page 2 of 9