Dell Security Vulnerabilities (CVEs)

Dell Device Management Agent (DDMA) versions before 26.02 contain an incorrect authorization vulnerability that allows local low-privileged attackers ...

Dell PowerScale OneFS version 9.13.0.0 has an overly restrictive account lockout mechanism that allows unauthenticated remote attackers to trigger acc...

Dell PowerScale OneFS has an incorrect default permissions vulnerability that allows high-privileged local attackers to execute arbitrary code, cause ...

Dell PowerScale OneFS contains an incorrect privilege assignment vulnerability that allows local low-privileged attackers to elevate their privileges....

Dell PowerScale OneFS contains an uncontrolled search path vulnerability that allows high-privileged local attackers to execute arbitrary code by mani...

Dell PowerScale OneFS contains a privilege escalation vulnerability where high-privileged local attackers can execute code with unnecessary privileges...

Dell Command | Intel vPro Out of Band versions before 4.7.0 have a path traversal vulnerability that allows local low-privileged attackers to execute ...

Dell Wyse Management Suite versions before 5.5 contain a cross-site scripting (XSS) vulnerability that allows low-privileged remote attackers to injec...

Dell Wyse Management Suite versions before 5.5 have a missing authorization vulnerability that allows low-privileged remote attackers to elevate their...

Dell Repository Manager versions before 3.4.8 have a path traversal vulnerability where attackers with local access can execute arbitrary code and esc...

Dell PowerProtect Data Manager versions before 19.22 have a REST API vulnerability where improper verification of communication channels allows high-p...

Dell PowerProtect Data Manager versions before 19.22 have an incorrect privilege assignment vulnerability that allows low-privileged remote attackers ...

Dell Unisphere for PowerMax version 10.2 contains a relative path traversal vulnerability that allows low-privileged remote attackers to modify critic...

Dell Unisphere for PowerMax versions 10.2 contain a missing authorization vulnerability that allows low-privileged remote attackers to gain unauthoriz...

Dell Unisphere for PowerMax version 10.2 contains a path traversal vulnerability that allows low-privileged remote attackers to delete arbitrary files...

Dell PowerProtect Data Manager versions before 19.22 have a REST API vulnerability where improper verification of communication channels allows high-p...

Dell SmartFabric OS10 Software contains a command injection vulnerability that allows authenticated high-privileged attackers to execute arbitrary com...

This vulnerability in Dell Update Package (DUP) Framework allows low-privileged local attackers to elevate their privileges to higher levels. It affec...

Dell OpenManage Network Integration versions before 3.9 have an improper authentication vulnerability that allows low-privileged remote attackers to a...

Dell CloudBoost Virtual Appliance versions before 19.14.0.0 store passwords in plaintext, allowing attackers with remote access and high privileges to...

Dell ECS and ObjectScale systems contain default credentials that allow low-privileged attackers with remote access to elevate privileges. This affect...

Dell ECS and ObjectScale systems transmit sensitive information in cleartext via Fabric Syslog, allowing unauthenticated attackers with network access...

Dell ECS and ObjectScale contain sensitive information in source code that could be exposed to local low-privileged attackers. This vulnerability affe...

Dell ECS and ObjectScale store sensitive information in cleartext, allowing local low-privileged attackers to read confidential data. This affects Del...

Dell Data Protection Advisor versions before 19.12 contain a template engine injection vulnerability that allows low-privileged remote attackers to ac...

Dell ECS and ObjectScale systems transmit sensitive information without encryption, allowing unauthenticated remote attackers to intercept and read th...

A Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Dell PowerScale OneFS allows low-privileged attackers with adjacent network acces...

Dell PowerScale OneFS contains an incorrect permission assignment vulnerability that allows low-privileged local attackers to cause denial of service....

Dell PowerScale OneFS versions before 9.13.0.0 have an insufficient logging vulnerability that allows unauthenticated remote attackers to potentially ...

Dell PowerScale OneFS versions before 9.13.0.0 have a vulnerability where attackers can bypass authentication rate limiting. Unauthenticated remote at...

This SQL injection vulnerability in Dell Unisphere for PowerMax allows low-privileged remote attackers to execute arbitrary commands on affected syste...

Dell SupportAssist OS Recovery versions before 5.5.15.1 create temporary files with insecure permissions, allowing local low-privileged attackers to m...

Dell SupportAssist OS Recovery versions before 5.5.15.1 create temporary files with insecure permissions, allowing local low-privileged attackers to m...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...

A heap-based buffer overflow vulnerability in Dell PowerProtect Data Domain with DD OS allows high-privileged attackers with local access to cause den...

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems. A high-privileged attacker with local access could ...

Dell PowerProtect Data Domain systems running affected DD OS versions contain an information disclosure vulnerability. A high-privileged attacker with...

This XXE vulnerability in Dell Unisphere for PowerMax allows low-privileged remote attackers to access unauthorized data and resources by exploiting i...

Dell Encryption versions before 11.12.1 contain a link following vulnerability that allows local low-privileged attackers to manipulate symbolic links...

Dell Encryption versions before 11.12.1 contain a link-following vulnerability that allows local attackers to escalate privileges. This affects system...

Dell CloudBoost Virtual Appliance versions 19.13.0.0 and earlier have a vulnerability that allows attackers to bypass authentication rate limiting. Un...

Dell Alienware Command Center versions before 6.10.15.0 have an insecure temporary file vulnerability that allows local low-privileged attackers to es...

Dell Alienware Command Center versions before 6.10.15.0 have an improper access control vulnerability that allows local low-privileged attackers to ta...

Dell Alienware Command Center versions before 6.10.15.0 contain a vulnerability where error conditions are detected but not properly handled. A local ...

Dell SmartFabric OS10 Software versions before 10.6.1.0 contain a command injection vulnerability that allows low-privileged remote attackers to execu...

Dell SmartFabric OS10 Software contains a command injection vulnerability that allows low-privileged remote attackers to execute arbitrary code on aff...

This vulnerability allows a high-privileged attacker with local access to Dell SmartFabric OS10 switches to execute arbitrary code through improper in...

Dell PowerScale OneFS contains a broken cryptographic algorithm vulnerability that allows unauthenticated remote attackers to potentially access sensi...