Dell Security Vulnerabilities (CVEs)
Track 465 security vulnerabilities affecting Dell products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This path traversal vulnerability in Dell iDRAC9 and iDRAC10 allows authenticated high-privilege attackers to access restricted directories. Attackers...
Nov 6, 2025Dell CloudLink versions before 8.1.1 contain a command injection vulnerability that allows authenticated attackers to execute arbitrary commands on af...
Nov 5, 2025This vulnerability in Dell CloudLink allows privileged users to escalate their privileges or access the database to obtain confidential information. I...
Nov 5, 2025Dell CloudLink versions before 8.2 contain a cryptographic implementation vulnerability that allows high-privileged attackers to cause denial of servi...
Nov 5, 2025Dell CloudLink versions 8.0 through 8.1.2 have a vulnerability where privileged users with known passwords can escape the restricted shell, gaining fu...
Nov 5, 2025This vulnerability allows a privileged user with known credentials to execute arbitrary commands through command injection in Dell CloudLink, potentia...
Nov 5, 2025This vulnerability allows a privileged user with known credentials to escape CLI restrictions and gain full system control in Dell CloudLink. It affec...
Nov 5, 2025Dell Command Monitor versions before 10.12.3.28 contain a privilege escalation vulnerability where local low-privileged users can execute code with un...
Nov 5, 2025Dell CloudLink versions before 8.2 contain an OS command injection vulnerability (CWE-78) where authenticated privileged users can execute arbitrary c...
Nov 5, 2025Dell Secure Connect Gateway Policy Manager versions 5.20 through 5.28 contain a cross-site scripting (XSS) vulnerability that allows unauthenticated r...
Oct 30, 2025Dell Secure Connect Gateway (SCG) versions 5.26.00.00 through 5.30.00.00 contain a relative path traversal vulnerability in a REST API endpoint used f...
Oct 30, 2025This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitr...
Oct 30, 2025This OS command injection vulnerability in Dell Unity storage systems allows low-privileged local attackers to execute arbitrary commands with root pr...
Oct 30, 2025This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitr...
Oct 30, 2025Dell SupportAssist OS Recovery versions before 5.5.15.0 can expose sensitive information to local low-privileged attackers through file/directory acce...
Oct 27, 2025CVE-2025-43995 is an authentication bypass vulnerability in Dell Storage Manager that allows unauthenticated remote attackers to access protected APIs...
Oct 24, 2025This XXE vulnerability in Dell Storage Manager allows attackers to read arbitrary files on the server or potentially cause denial of service. It affec...
Oct 24, 2025This vulnerability allows a high-privileged attacker with local access to bypass authorization controls in Dell PowerScale OneFS, potentially gaining ...
Oct 8, 2025This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems. A high-privileged attacker with local access can ex...
Oct 7, 2025This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...
Oct 7, 2025An authentication bypass vulnerability in Dell PowerProtect Data Domain's RestAPI allows unauthenticated remote attackers to gain unauthorized access....
Oct 7, 2025This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...
Oct 7, 2025Dell PowerProtect Data Domain systems running affected DD OS versions contain a broken cryptographic algorithm vulnerability. Unauthenticated remote a...
Oct 7, 2025This path traversal vulnerability in Dell PowerProtect Data Domain allows high-privileged local attackers to access restricted directories, potentiall...
Oct 7, 2025A stack-based buffer overflow vulnerability in Dell PowerProtect Data Domain with DD OS allows high-privileged attackers with local access to cause de...
Oct 7, 2025This vulnerability allows low-privileged remote attackers to inject malicious arguments into commands on Dell PowerProtect Data Domain systems, potent...
Oct 7, 2025This CVE describes a path traversal vulnerability in Dell PowerProtect Data Domain systems where attackers can use '.../...//' sequences to access una...
Oct 7, 2025This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems. A high-privileged attacker with local access can ex...
Oct 7, 2025A heap-based buffer overflow vulnerability in Dell PowerProtect Data Domain with DD OS allows unauthenticated remote attackers to cause denial of serv...
Oct 7, 2025Dell PowerProtect Data Domain systems running vulnerable DD OS versions contain a path traversal vulnerability in the UI that allows unauthenticated r...
Oct 7, 2025Dell PowerProtect Data Domain systems using vulnerable DD OS versions contain a broken cryptographic algorithm in authentication mechanisms. An unauth...
Oct 7, 2025Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems contain an Incorrect Privilege Assignment vulnerability (CWE-266). A local attacker wit...
Oct 7, 2025This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...
Oct 7, 2025This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain systems running affected DD OS versions. A high-privileged a...
Oct 7, 2025Dell Repository Manager versions 3.4.7 and 3.4.8 contain a privilege escalation vulnerability where a low-privileged local attacker can gain elevated ...
Sep 29, 2025Dell Cloud Disaster Recovery versions before 19.20 contain an OS command injection vulnerability that allows high-privileged local attackers to execut...
Sep 25, 2025Dell BSAFE Micro Edition Suite versions before 5.0.2.3 contain an out-of-bounds write vulnerability. An unauthenticated remote attacker could exploit ...
Sep 25, 2025Dell PowerScale OneFS versions 9.5.0.0 through 9.11.0.0 contain an information disclosure vulnerability where unauthenticated remote attackers can acc...
Sep 25, 2025Dell PowerProtect Data Manager versions 19.19 and 19.20 for Hyper-V store passwords in plaintext, allowing high-privileged local attackers to steal cr...
Sep 10, 2025This vulnerability allows local low-privileged attackers to execute arbitrary operating system commands on Dell PowerProtect Data Manager Hyper-V syst...
Sep 10, 2025Dell PowerProtect Data Manager versions 19.19 and 19.20 on Hyper-V have incorrect default permissions that allow local low-privileged attackers to ele...
Sep 10, 2025Dell PowerProtect Data Manager Generic Application Agent versions 19.19 and 19.20 have incorrect default permissions that allow local low-privileged a...
Sep 10, 2025Dell PowerScale OneFS versions before 9.12.0.0 have a privilege escalation vulnerability where a high-privileged local attacker can gain additional sy...
Sep 8, 2025Dell Alienware Command Center versions before 5.10.2.0 contain a link following vulnerability that allows local attackers with low privileges to eleva...
Sep 2, 2025Dell ThinOS 10 versions before 2508_10.0127 contain an argument injection vulnerability that allows local unauthenticated attackers to execute arbitra...
Aug 27, 2025Dell ThinOS 10 contains a protection mechanism failure vulnerability that allows unauthenticated remote attackers to bypass security controls. This af...
Aug 27, 2025Dell iDRAC Service Module (iSM) versions before 6.0.3.0 contain a buffer length validation vulnerability that allows local attackers with low privileg...
Aug 21, 2025Dell Data Lakehouse versions before 1.5.0.0 have a privilege escalation vulnerability where high-privileged local attackers can execute code with unne...
Aug 14, 2025Dell OpenManage Enterprise versions 3.10 through 4.2 contain a vulnerability where sensitive information is written to log files during backup and res...
Aug 14, 2025Dell SupportAssist for Business PCs versions 4.5.3 and earlier contain an incorrect privilege assignment vulnerability (CWE-266). A local attacker wit...
Aug 14, 2025Why Monitor Dell Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 465+ known vulnerabilities affecting Dell products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Dell packages in under 60 seconds. No agents required - completely agentless scanning that works across Dell deployments.
Free vulnerability database: Access detailed information about every Dell CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Dell CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
