Vendor CVEs
Dell
All CVEs
1,538 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-22278 | 0.00 | — | 0.00 | Jan 22, 2026 | Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | |||
| CVE-2025-36588 | 0.00 | — | 0.01 | Jan 22, 2026 | Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command… | |||
| CVE-2025-46685 | 0.00 | — | 0.00 | Jan 13, 2026 | Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||
| CVE-2025-46684 | 0.00 | — | 0.00 | Jan 13, 2026 | Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering. | |||
| CVE-2025-46645 | 0.00 | — | 0.01 | Jan 9, 2026 | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an… | |||
| CVE-2025-46643 | 0.00 | — | 0.00 | Jan 9, 2026 | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain a… | |||
| CVE-2025-46676 | 0.00 | — | 0.00 | Jan 9, 2026 | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an… | |||
| CVE-2025-46644 | 0.00 | — | 0.01 | Jan 9, 2026 | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS2023 release versions 7.10.1.0 through 7.10.1.70, contain an… | |||
| CVE-2025-36589 | 0.00 | — | 0.00 | Jan 6, 2026 | Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data and resources… | |||
| CVE-2025-46696 | 0.00 | — | 0.00 | Jan 6, 2026 | Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation… | |||
| CVE-2025-53919 | 0.00 | — | 0.00 | Dec 17, 2025 | An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this,… | |||
| CVE-2025-53398 | 0.00 | — | 0.00 | Dec 17, 2025 | The Portrait Dell Color Management application 3.3.8 for Dell monitors has Insecure Permissions, | |||
| CVE-2025-46636 | 0.00 | — | 0.00 | Dec 9, 2025 | Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | |||
| CVE-2025-46637 | 0.00 | — | 0.00 | Dec 9, 2025 | Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges. | |||
| CVE-2025-46603 | 0.00 | — | 0.00 | Dec 5, 2025 | Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction of Excessive Authentication Attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | |||
| CVE-2025-46369 | 0.00 | — | 0.00 | Nov 13, 2025 | Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation. | |||
| CVE-2025-46370 | 0.00 | — | 0.00 | Nov 13, 2025 | Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Process Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure. | |||
| CVE-2025-46362 | 0.00 | — | 0.00 | Nov 13, 2025 | Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering. | |||
| CVE-2025-46368 | 0.00 | — | 0.00 | Nov 13, 2025 | Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | |||
| CVE-2025-46367 | 0.00 | — | 0.00 | Nov 13, 2025 | Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Detection of Error Condition Without Action vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary Code Execution. | |||
| CVE-2025-46608 | 0.00 | — | 0.00 | Nov 12, 2025 | Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it… | |||
| CVE-2025-46427 | 0.00 | — | 0.01 | Nov 12, 2025 | Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command… | |||
| CVE-2025-46428 | 0.00 | — | 0.01 | Nov 12, 2025 | Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code… | |||
| CVE-2024-48829 | 0.00 | — | 0.00 | Nov 12, 2025 | Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | |||
| CVE-2025-43723 | 0.00 | — | 0.00 | Nov 10, 2025 | Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to… | |||
| CVE-2025-46430 | 0.00 | — | 0.00 | Nov 10, 2025 | Dell Display and Peripheral Manager, versions prior to 2.1.2.12, contains an Execution with Unnecessary Privileges vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | |||
| CVE-2025-22397 | 0.00 | — | 0.00 | Nov 6, 2025 | Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a… | |||
| CVE-2025-43990 | 0.00 | — | 0.00 | Nov 5, 2025 | Dell Command Monitor (DCM), versions prior to 10.12.3.28, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | |||
| CVE-2025-46366 | 0.00 | — | 0.00 | Nov 5, 2025 | Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information. | |||
| CVE-2025-46424 | 0.00 | — | 0.00 | Nov 5, 2025 | Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service. | |||
| CVE-2025-46365 | 0.00 | — | 0.00 | Nov 5, 2025 | Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink. | |||
| CVE-2025-46364 | 0.00 | — | 0.00 | Nov 5, 2025 | Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system. | |||
| CVE-2025-45379 | 0.00 | — | 0.01 | Nov 5, 2025 | Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system. | |||
| CVE-2025-30479 | 0.00 | — | 0.01 | Nov 5, 2025 | Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system. | |||
| CVE-2025-45378 | 0.00 | — | 0.00 | Nov 5, 2025 | Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system. If ssh is enabled… | |||
| CVE-2025-36592 | 0.00 | — | 0.00 | Oct 30, 2025 | Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit… | |||
| CVE-2025-46363 | 0.00 | — | 0.00 | Oct 30, 2025 | Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API (if this REST API is enabled by Admin user from UI). A low… | |||
| CVE-2025-43942 | 0.00 | — | 0.01 | Oct 30, 2025 | Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution… | |||
| CVE-2025-46422 | 0.00 | — | 0.01 | Oct 30, 2025 | Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands… | |||
| CVE-2025-46423 | 0.00 | — | 0.01 | Oct 30, 2025 | Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands… | |||
| CVE-2025-43939 | 0.00 | — | 0.01 | Oct 30, 2025 | Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution… | |||
| CVE-2025-43940 | 0.00 | — | 0.01 | Oct 30, 2025 | Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution… | |||
| CVE-2025-43941 | 0.00 | — | 0.01 | Oct 30, 2025 | Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary command… | |||
| CVE-2025-46602 | 0.00 | — | 0.00 | Oct 27, 2025 | Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information… | |||
| CVE-2025-43994 | 0.00 | — | 0.01 | Oct 24, 2025 | Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | |||
| CVE-2025-43995 | 0.00 | — | 0.01 | Oct 24, 2025 | Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Authentication Bypass in DSM… | |||
| CVE-2025-46425 | 0.00 | — | 0.00 | Oct 24, 2025 | Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | |||
| CVE-2025-43991 | 0.00 | — | 0.00 | Oct 13, 2025 | SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link (Symlink) following vulnerability. A low privileged attacker with local access to the system could potentially exploit this… | |||
| CVE-2025-43724 | 0.00 | — | 0.00 | Oct 8, 2025 | Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares. | |||
| CVE-2025-36565 | 0.00 | — | 0.00 | Oct 7, 2025 | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Argument… |
- CVE-2026-22278Jan 22, 2026risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
- CVE-2025-36588Jan 22, 2026risk 0.00cvss —epss 0.01
Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command…
- CVE-2025-46685Jan 13, 2026risk 0.00cvss —epss 0.00
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
- CVE-2025-46684Jan 13, 2026risk 0.00cvss —epss 0.00
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering.
- CVE-2025-46645Jan 9, 2026risk 0.00cvss —epss 0.01
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an…
- CVE-2025-46643Jan 9, 2026risk 0.00cvss —epss 0.00
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain a…
- CVE-2025-46676Jan 9, 2026risk 0.00cvss —epss 0.00
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an…
- CVE-2025-46644Jan 9, 2026risk 0.00cvss —epss 0.01
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS2023 release versions 7.10.1.0 through 7.10.1.70, contain an…
- CVE-2025-36589Jan 6, 2026risk 0.00cvss —epss 0.00
Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data and resources…
- CVE-2025-46696Jan 6, 2026risk 0.00cvss —epss 0.00
Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation…
- CVE-2025-53919Dec 17, 2025risk 0.00cvss —epss 0.00
An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this,…
- CVE-2025-53398Dec 17, 2025risk 0.00cvss —epss 0.00
The Portrait Dell Color Management application 3.3.8 for Dell monitors has Insecure Permissions,
- CVE-2025-46636Dec 9, 2025risk 0.00cvss —epss 0.00
Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.
- CVE-2025-46637Dec 9, 2025risk 0.00cvss —epss 0.00
Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges.
- CVE-2025-46603Dec 5, 2025risk 0.00cvss —epss 0.00
Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction of Excessive Authentication Attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.
- CVE-2025-46369Nov 13, 2025risk 0.00cvss —epss 0.00
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation.
- CVE-2025-46370Nov 13, 2025risk 0.00cvss —epss 0.00
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Process Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure.
- CVE-2025-46362Nov 13, 2025risk 0.00cvss —epss 0.00
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering.
- CVE-2025-46368Nov 13, 2025risk 0.00cvss —epss 0.00
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.
- CVE-2025-46367Nov 13, 2025risk 0.00cvss —epss 0.00
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Detection of Error Condition Without Action vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary Code Execution.
- CVE-2025-46608Nov 12, 2025risk 0.00cvss —epss 0.00
Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it…
- CVE-2025-46427Nov 12, 2025risk 0.00cvss —epss 0.01
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command…
- CVE-2025-46428Nov 12, 2025risk 0.00cvss —epss 0.01
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code…
- CVE-2024-48829Nov 12, 2025risk 0.00cvss —epss 0.00
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
- CVE-2025-43723Nov 10, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to…
- CVE-2025-46430Nov 10, 2025risk 0.00cvss —epss 0.00
Dell Display and Peripheral Manager, versions prior to 2.1.2.12, contains an Execution with Unnecessary Privileges vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
- CVE-2025-22397Nov 6, 2025risk 0.00cvss —epss 0.00
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a…
- CVE-2025-43990Nov 5, 2025risk 0.00cvss —epss 0.00
Dell Command Monitor (DCM), versions prior to 10.12.3.28, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
- CVE-2025-46366Nov 5, 2025risk 0.00cvss —epss 0.00
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information.
- CVE-2025-46424Nov 5, 2025risk 0.00cvss —epss 0.00
Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service.
- CVE-2025-46365Nov 5, 2025risk 0.00cvss —epss 0.00
Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink.
- CVE-2025-46364Nov 5, 2025risk 0.00cvss —epss 0.00
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system.
- CVE-2025-45379Nov 5, 2025risk 0.00cvss —epss 0.01
Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system.
- CVE-2025-30479Nov 5, 2025risk 0.00cvss —epss 0.01
Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system.
- CVE-2025-45378Nov 5, 2025risk 0.00cvss —epss 0.00
Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system. If ssh is enabled…
- CVE-2025-36592Oct 30, 2025risk 0.00cvss —epss 0.00
Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit…
- CVE-2025-46363Oct 30, 2025risk 0.00cvss —epss 0.00
Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API (if this REST API is enabled by Admin user from UI). A low…
- CVE-2025-43942Oct 30, 2025risk 0.00cvss —epss 0.01
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution…
- CVE-2025-46422Oct 30, 2025risk 0.00cvss —epss 0.01
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands…
- CVE-2025-46423Oct 30, 2025risk 0.00cvss —epss 0.01
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands…
- CVE-2025-43939Oct 30, 2025risk 0.00cvss —epss 0.01
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution…
- CVE-2025-43940Oct 30, 2025risk 0.00cvss —epss 0.01
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution…
- CVE-2025-43941Oct 30, 2025risk 0.00cvss —epss 0.01
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary command…
- CVE-2025-46602Oct 27, 2025risk 0.00cvss —epss 0.00
Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information…
- CVE-2025-43994Oct 24, 2025risk 0.00cvss —epss 0.01
Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
- CVE-2025-43995Oct 24, 2025risk 0.00cvss —epss 0.01
Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Authentication Bypass in DSM…
- CVE-2025-46425Oct 24, 2025risk 0.00cvss —epss 0.00
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
- CVE-2025-43991Oct 13, 2025risk 0.00cvss —epss 0.00
SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain an UNIX Symbolic Link (Symlink) following vulnerability. A low privileged attacker with local access to the system could potentially exploit this…
- CVE-2025-43724Oct 8, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares.
- CVE-2025-36565Oct 7, 2025risk 0.00cvss —epss 0.00
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Argument…
Page 7 of 31