VYPR

Vendor CVEs

Dell

All CVEs

1,538 total · sorted by risk
  • CVE-2024-22455Feb 14, 2024
    risk 0.00cvss epss 0.00

    Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Launch of phishing attacks.

  • CVE-2024-22445Feb 13, 2024
    risk 0.00cvss epss 0.01

    Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS,…

  • CVE-2024-22454Feb 13, 2024
    risk 0.00cvss epss 0.01

    Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with…

  • CVE-2024-22223Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's…

  • CVE-2024-22222Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_udoctor utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the…

  • CVE-2024-22221Feb 12, 2024
    risk 0.00cvss epss 0.00

    Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. An authenticated attacker could potentially exploit this vulnerability, leading to exposure of sensitive information.

  • CVE-2024-22226Feb 12, 2024
    risk 0.00cvss epss 0.00

    Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its svc_supportassist utility. An authenticated attacker could potentially exploit this vulnerability, to gain unauthorized write access to the files stored on the server filesystem, with elevated…

  • CVE-2024-22225Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.

  • CVE-2024-22224Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.

  • CVE-2024-22230Feb 12, 2024
    risk 0.00cvss epss 0.00

    Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability. An authenticated attacker could potentially exploit this vulnerability, stealing session information, masquerading as the affected user or carry out any actions that this user could perform, or to…

  • CVE-2024-22228Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root…

  • CVE-2024-22227Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability execute commands with root privileges.

  • CVE-2024-0164Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary commands with elevated privileges.

  • CVE-2024-0165Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.

  • CVE-2024-0166Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands with elevated privileges.

  • CVE-2024-0167Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges.

  • CVE-2024-0168Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to inject arbitrary operating system commands. This vulnerability allows an…

  • CVE-2024-0169Feb 12, 2024
    risk 0.00cvss epss 0.00

    Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

  • CVE-2024-0170Feb 12, 2024
    risk 0.00cvss epss 0.01

    Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.…

  • CVE-2023-28077Feb 10, 2024
    risk 0.00cvss epss 0.00

    Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.

  • CVE-2024-22464Feb 8, 2024
    risk 0.00cvss epss 0.01

    Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure…

  • CVE-2023-32479Feb 6, 2024
    risk 0.00cvss epss 0.00

    Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this…

  • CVE-2023-32454Feb 6, 2024
    risk 0.00cvss epss 0.00

    DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service

  • CVE-2023-32474Feb 6, 2024
    risk 0.00cvss epss 0.00

    Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion

  • CVE-2023-32451Feb 6, 2024
    risk 0.00cvss epss 0.00

    Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation

  • CVE-2023-28063Feb 6, 2024
    risk 0.00cvss epss 0.00

    Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2023-28049Feb 6, 2024
    risk 0.00cvss epss 0.00

    Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete.

  • CVE-2020-29504Feb 2, 2024
    risk 0.00cvss epss 0.00

    Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability.

  • CVE-2021-21575Feb 2, 2024
    risk 0.00cvss epss 0.01

    Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.

  • CVE-2022-34381Feb 2, 2024
    risk 0.00cvss epss 0.01

    Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise…

  • CVE-2024-22433Feb 1, 2024
    risk 0.00cvss epss 0.01

    Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of…

  • CVE-2024-22430Feb 1, 2024
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions vulnerability. A local low privileges malicious user could potentially exploit this vulnerability, leading to denial of service.

  • CVE-2024-22449Feb 1, 2024
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access.

  • CVE-2024-22229Jan 24, 2024
    risk 0.00cvss epss 0.00

    Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed by an authenticated attacker. An attacker could exploit this vulnerability to forge log entries, create false alarms, and inject malicious content into logs that compromise logs…

  • CVE-2023-44281Jan 24, 2024
    risk 0.00cvss epss 0.00

    Dell Pair Installer version prior to 1.2.1 contains an elevation of privilege vulnerability. A low privilege user with local access to the system could potentially exploit this vulnerability to delete arbitrary files and result in Denial of Service.

  • CVE-2024-22428Jan 16, 2024
    risk 0.00cvss epss 0.00

    Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest…

  • CVE-2023-43088Dec 22, 2023
    risk 0.00cvss epss 0.00

    Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

  • CVE-2023-39251Dec 22, 2023
    risk 0.00cvss epss 0.00

    Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.

  • CVE-2023-48670Dec 22, 2023
    risk 0.00cvss epss 0.00

    Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the…

  • CVE-2023-48671Dec 14, 2023
    risk 0.00cvss epss 0.01

    Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. A remote attacker could potentially exploit this vulnerability leading to obtain sensitive information that may aid in further attacks.

  • CVE-2023-48665Dec 14, 2023
    risk 0.00cvss epss 0.02

    Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system.

  • CVE-2023-48664Dec 14, 2023
    risk 0.00cvss epss 0.02

    Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system.

  • CVE-2023-48663Dec 14, 2023
    risk 0.00cvss epss 0.02

    Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system.

  • CVE-2023-48662Dec 14, 2023
    risk 0.00cvss epss 0.02

    Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system.

  • CVE-2023-48661Dec 14, 2023
    risk 0.00cvss epss 0.01

    Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability to read arbitrary files from the target system.

  • CVE-2023-48660Dec 14, 2023
    risk 0.00cvss epss 0.01

    Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.

  • CVE-2023-48668Dec 14, 2023
    risk 0.00cvss epss 0.00

    Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of…

  • CVE-2023-48667Dec 14, 2023
    risk 0.00cvss epss 0.02

    Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS…

  • CVE-2023-44286Dec 14, 2023
    risk 0.00cvss epss 0.01

    Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or…

  • CVE-2023-44285Dec 14, 2023
    risk 0.00cvss epss 0.00

    Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege.

Page 16 of 31