VYPR

Vendor CVEs

Dell

All CVEs

1,538 total · sorted by risk
  • CVE-2022-22556Jun 2, 2022
    risk 0.00cvss epss 0.01

    Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the Denial of Service.

  • CVE-2022-29098Jun 1, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this leading to a user account compromise.

  • CVE-2020-26185Jun 1, 2022
    risk 0.00cvss epss 0.01

    Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability.

  • CVE-2020-26184Jun 1, 2022
    risk 0.00cvss epss 0.01

    Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate Validation vulnerability.

  • CVE-2022-29091May 26, 2022
    risk 0.00cvss epss 0.01

    Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. An Unauthenticated Remote Attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or…

  • CVE-2022-29082May 26, 2022
    risk 0.00cvss epss 0.00

    Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could…

  • CVE-2022-26865May 26, 2022
    risk 0.00cvss epss 0.00

    Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in order to run arbitrary code on the…

  • CVE-2022-26857May 26, 2022
    risk 0.00cvss epss 0.01

    Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass blocked functionalities and perform unauthorized actions.

  • CVE-2022-24418May 26, 2022
    risk 0.00cvss epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24417May 26, 2022
    risk 0.00cvss epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24414May 26, 2022
    risk 0.00cvss epss 0.01

    Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL…

  • CVE-2022-26856Apr 21, 2022
    risk 0.00cvss epss 0.00

    Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access…

  • CVE-2022-24424Apr 21, 2022
    risk 0.00cvss epss 0.02

    Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of…

  • CVE-2022-24423Apr 21, 2022
    risk 0.00cvss epss 0.02

    Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to cause resource exhaustion in the webserver, resulting in a denial of service condition.

  • CVE-2022-22558Apr 21, 2022
    risk 0.00cvss epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of…

  • CVE-2022-24413Apr 12, 2022
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss.

  • CVE-2022-24412Apr 12, 2022
    risk 0.00cvss epss 0.01

    Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service.

  • CVE-2022-24411Apr 12, 2022
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to…

  • CVE-2022-23163Apr 12, 2022
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could potentially exploit this vulnerability, leading to denial of service/data unavailability.

  • CVE-2022-23161Apr 12, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service.

  • CVE-2022-23160Apr 12, 2022
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to gaining write permissions on read-only files.

  • CVE-2022-23159Apr 12, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a…

  • CVE-2022-22565Apr 12, 2022
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive data.

  • CVE-2022-22562Apr 12, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability.

  • CVE-2022-22561Apr 12, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.

  • CVE-2022-22560Apr 12, 2022
    risk 0.00cvss epss 0.00

    Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch…

  • CVE-2022-22559Apr 12, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure.

  • CVE-2022-22550Apr 12, 2022
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.

  • CVE-2022-22549Apr 12, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials.

  • CVE-2022-26855Apr 8, 2022
    risk 0.00cvss epss 0.00

    Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service.

  • CVE-2022-26854Apr 8, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access

  • CVE-2022-26852Apr 8, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise.

  • CVE-2022-26851Apr 8, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss.

  • CVE-2022-24428Apr 8, 2022
    risk 0.00cvss epss 0.01

    Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalation of file privileges and…

  • CVE-2022-22563Apr 8, 2022
    risk 0.00cvss epss 0.00

    Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.

  • CVE-2021-36293Apr 8, 2022
    risk 0.00cvss epss 0.00

    Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges.

  • CVE-2021-36290Apr 8, 2022
    risk 0.00cvss epss 0.00

    Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges.

  • CVE-2021-36288Apr 8, 2022
    risk 0.00cvss epss 0.01

    Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files

  • CVE-2022-24426Apr 1, 2022
    risk 0.00cvss epss 0.00

    Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.

  • CVE-2022-23158Apr 1, 2022
    risk 0.00cvss epss 0.01

    Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server

  • CVE-2022-23157Apr 1, 2022
    risk 0.00cvss epss 0.00

    Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A authenticated malicious user could potentially exploit this vulnerability in order to view sensitive information from the WMS Server.

  • CVE-2022-23156Apr 1, 2022
    risk 0.00cvss epss 0.00

    Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server.

  • CVE-2022-23155Apr 1, 2022
    risk 0.00cvss epss 0.01

    Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system.

  • CVE-2022-24421Mar 11, 2022
    risk 0.00cvss epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24420Mar 11, 2022
    risk 0.00cvss epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24419Mar 11, 2022
    risk 0.00cvss epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24416Mar 11, 2022
    risk 0.00cvss epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24415Mar 11, 2022
    risk 0.00cvss epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2021-43590Mar 4, 2022
    risk 0.00cvss epss 0.00

    Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability. A local high privileged malicious user may potentially exploit this vulnerability, leading to the disclosure of certain user credentials.…

  • CVE-2022-24409Feb 23, 2022
    risk 0.00cvss epss 0.01

    Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Only customers with active BSAFE maintenance contracts can receive details about this vulnerability. Public disclosure of…

Page 24 of 31