Filtered by vendor Dell
Subscriptions
Total
1376 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5355 | 1 Dell | 1 Emc Isilon Onefs | 2025-05-07 | 4.3 Medium |
| The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. This provides the remotesupport user and users with restricted shells more access than is intended. | ||||
| CVE-2022-26870 | 1 Dell | 1 Powerstoreos | 2025-05-07 | 7 High |
| Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability under specific configuration. An attacker would gain unauthorized access upon successful exploit. | ||||
| CVE-2022-31239 | 1 Dell | 1 Emc Powerscale Onefs | 2025-05-07 | 6.7 Medium |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data. | ||||
| CVE-2022-34437 | 1 Dell | 1 Emc Powerscale Onefs | 2025-05-07 | 6.7 Medium |
| Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters. | ||||
| CVE-2022-34439 | 1 Dell | 1 Emc Powerscale Onefs | 2025-05-07 | 5.3 Medium |
| Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node. | ||||
| CVE-2024-0166 | 1 Dell | 1 Unity Operating Environment | 2025-05-06 | 7.8 High |
| Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands with elevated privileges. | ||||
| CVE-2024-0170 | 1 Dell | 1 Unity Operating Environment | 2025-05-06 | 7.8 High |
| Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. | ||||
| CVE-2024-0167 | 1 Dell | 1 Unity Operating Environment | 2025-05-06 | 7.8 High |
| Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges. | ||||
| CVE-2024-0165 | 1 Dell | 1 Unity Operating Environment | 2025-05-06 | 7.8 High |
| Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges. | ||||
| CVE-2024-49559 | 1 Dell | 1 Smartfabric Os10 | 2025-04-30 | 8.8 High |
| Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2024-22464 | 1 Dell | 1 Emc Appsync | 2025-04-24 | 6.2 Medium |
| Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account. | ||||
| CVE-2024-0169 | 1 Dell | 1 Unity Operating Environment | 2025-04-24 | 5.7 Medium |
| Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2023-32462 | 1 Dell | 1 Smartfabric Os10 | 2025-04-24 | 9.8 Critical |
| Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity. | ||||
| CVE-2015-7274 | 1 Dell | 2 Integrated Remote Access Controller 6, Integrated Remote Access Controller Firmware | 2025-04-20 | N/A |
| Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands. | ||||
| CVE-2015-7273 | 1 Dell | 3 Integrated Remote Access Controller 7, Integrated Remote Access Controller 8, Integrated Remote Access Controller Firmware | 2025-04-20 | N/A |
| Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE. | ||||
| CVE-2015-7272 | 1 Dell | 4 Integrated Remote Access Controller 6, Integrated Remote Access Controller 7, Integrated Remote Access Controller 8 and 1 more | 2025-04-20 | N/A |
| Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input. | ||||
| CVE-2015-7271 | 1 Dell | 3 Integrated Remote Access Controller 7, Integrated Remote Access Controller 8, Integrated Remote Access Controller Firmware | 2025-04-20 | N/A |
| Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo. | ||||
| CVE-2015-7270 | 1 Dell | 4 Integrated Remote Access Controller 6, Integrated Remote Access Controller 7, Integrated Remote Access Controller 8 and 1 more | 2025-04-20 | N/A |
| Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal. | ||||
| CVE-2015-4057 | 1 Dell | 1 Vce Vision Intelligent Operations | 2025-04-20 | 7.5 High |
| The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext HTTP response upon a request for the Settings screen, which allows remote attackers to discover the admin user password by sniffing the network. | ||||
| CVE-2015-4056 | 1 Dell | 1 Vce Vision Intelligent Operations | 2025-04-20 | 6.7 Medium |
| The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cryptography, which makes it easier for local users to discover credentials by leveraging administrative access. | ||||