Dell Security Vulnerabilities (CVEs)

Track 469 security vulnerabilities affecting Dell products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

40 Critical
283 High
143 Medium
3 Low
CVE-2025-38738 6.7

This vulnerability allows a low-privileged local attacker to gain elevated privileges through the Dell SupportAssist installer. It affects users runni...

Aug 14, 2025
CVE-2025-26484 5.5

Dell CloudLink versions 8.0 through 8.1.1 contain an XML External Entity (XXE) vulnerability that allows high-privileged attackers with remote access ...

Aug 14, 2025
CVE-2025-38747 7.8

Dell SupportAssist OS Recovery versions before 5.5.14.0 create temporary files with insecure permissions, allowing local authenticated attackers to mo...

Aug 6, 2025
CVE-2025-38741 7.5

Dell Enterprise SONiC OS version 4.5.0 has a cryptographic key vulnerability in SSH that allows unauthenticated remote attackers to potentially gain u...

Aug 4, 2025
CVE-2025-21120 8.3

Dell Avamar versions before 19.12 with patch 338905 (excluding 19.10SP1 with patch 338904) have a server-side vulnerability where HTTP permission meth...

Aug 4, 2025
CVE-2025-36594 9.8

An authentication bypass vulnerability in Dell PowerProtect Data Domain allows unauthenticated remote attackers to create accounts and bypass protecti...

Aug 4, 2025
CVE-2025-30096 6.7

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain's DDSH CLI. A high-privileged attacker with local access can...

Aug 4, 2025
CVE-2025-30097 6.7

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain's DDSH CLI. A high-privileged attacker with local access can...

Aug 4, 2025
CVE-2025-30098 6.7

This vulnerability allows a high-privileged attacker with local access to execute arbitrary OS commands with root privileges on Dell PowerProtect Data...

Aug 4, 2025
CVE-2025-30099 7.8

This CVE describes an OS command injection vulnerability in Dell PowerProtect Data Domain's DDSH CLI. Attackers with local low-privileged access can e...

Aug 4, 2025
CVE-2025-36604 7.3

This CVE describes an OS command injection vulnerability in Dell Unity storage systems. Unauthenticated remote attackers can execute arbitrary command...

Aug 4, 2025
CVE-2025-36606 7.8

Dell Unity storage systems running version 5.5 and earlier contain an OS command injection vulnerability in the svc_nfssupport utility. Authenticated ...

Aug 4, 2025
CVE-2025-30103 5.5

Dell SmartFabric OS10 Software versions before 10.6.0.5 have a file permission vulnerability that allows low-privileged local users to access files or...

Jul 30, 2025
CVE-2025-30105 8.8

Dell XtremIO version 6.4.0-22 logs sensitive information like credentials in log files. A low-privileged attacker with local access can read these log...

Jul 30, 2025
CVE-2025-36611 7.3

This vulnerability allows a local malicious user to exploit improper link resolution in Dell Encryption and Dell Security Management Server, potential...

Jul 30, 2025
CVE-2025-30477 4.4

Dell PowerScale OneFS versions before 9.11.0.0 use broken or risky cryptographic algorithms, allowing high-privileged remote attackers to potentially ...

Jul 21, 2025
CVE-2025-36603 4.2

This vulnerability in Dell AppSync 4.6.0.0 allows a low-privileged attacker with local access to exploit an XML External Entity (XXE) flaw, potentiall...

Jul 21, 2025
CVE-2025-36600 8.2

This vulnerability in Dell Client Platform BIOS allows a high-privileged attacker with local access to execute arbitrary code by exploiting improper a...

Jul 8, 2025
CVE-2025-36582 4.8

Dell NetWorker versions 19.12.0.1 and earlier contain an algorithm downgrade vulnerability that allows unauthenticated remote attackers to force the u...

Jul 1, 2025
CVE-2025-36593 8.8

Dell OpenManage Network Integration versions before 3.8 contain a RADIUS authentication bypass vulnerability where attackers can replay captured proto...

Jun 30, 2025
CVE-2025-36595 7.2

Dell Unisphere for PowerMax vApp version 9.2.4.x contains a static code injection vulnerability that allows high-privileged remote attackers to execut...

Jun 27, 2025
CVE-2025-32753 5.3

This CVE describes an SQL injection vulnerability in Dell PowerScale OneFS storage systems. A low-privileged attacker with local access could execute ...

Jun 20, 2025
CVE-2024-53298 9.8

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 have a critical missing authorization vulnerability in NFS export. Unauthenticated remote atta...

Jun 20, 2025
CVE-2025-36573 7.1

Dell Smart Dock Firmware versions before 01.00.08.01 write sensitive information to log files that local users can read. This allows information discl...

Jun 12, 2025
CVE-2025-36577 6.1

This vulnerability allows a high-privileged attacker with remote access to inject malicious scripts into Dell Wyse Management Suite web pages. When ex...

Jun 10, 2025
CVE-2025-36580 6.1

This vulnerability allows a high-privileged attacker with remote access to inject malicious scripts into Dell Wyse Management Suite web pages. When ex...

Jun 10, 2025
CVE-2025-36574 8.2

Dell Wyse Management Suite versions before 5.2 contain an absolute path traversal vulnerability that allows unauthenticated remote attackers to access...

Jun 10, 2025
CVE-2025-36564 7.8

Dell Encryption Admin Utilities versions before 11.10.2 contain an improper link resolution vulnerability (CWE-61) that allows local malicious users t...

Jun 3, 2025
CVE-2025-32752 5.7

Dell ThinOS 2502 and earlier versions store sensitive information in cleartext, allowing high-privileged attackers with physical access to read this d...

May 29, 2025
CVE-2025-36572 6.5

Dell PowerStore version 4.0.0.0 contains hard-coded credentials in its image file, allowing attackers with knowledge of these credentials to gain unau...

May 28, 2025
CVE-2025-26481 7.5

Dell PowerScale OneFS versions 9.4.0.0 through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote unauthenticated attacker c...

May 15, 2025
CVE-2025-30476 5.3

Dell PowerScale InsightIQ version 5.2 has an uncontrolled resource consumption vulnerability that allows unauthenticated remote attackers to cause den...

May 15, 2025
CVE-2025-30101 4.4

A TOCTOU race condition vulnerability in Dell PowerScale OneFS allows unauthenticated attackers with local access to cause denial of service or tamper...

May 8, 2025
CVE-2025-22477 8.3

Dell Storage Manager version 20.1.20 contains an improper authentication vulnerability that allows adjacent network attackers to bypass authentication...

May 6, 2025
CVE-2025-23377 4.2

This vulnerability allows a high-privileged attacker with local access to inject malicious web scripts or HTML into Dell PowerProtect Data Manager Rep...

Apr 28, 2025
CVE-2025-26477 4.3

Dell ECS versions 3.8.1.4 and earlier contain an improper input validation vulnerability that allows low-privileged remote attackers to execute arbitr...

Apr 17, 2025
CVE-2025-30100 6.7

Dell Alienware Command Center versions before 6.7.37.0 have an improper access control vulnerability that allows local low-privileged attackers to ele...

Apr 16, 2025
CVE-2025-29983 6.7

Dell Trusted Device versions before 7.0.3.0 contain a link following vulnerability that allows local attackers with low privileges to elevate their pr...

Apr 15, 2025
CVE-2025-26335 5.8

Dell PowerProtect Cyber Recovery versions before 19.18.0.2 expose sensitive information in sent data. A high-privileged remote attacker can exploit th...

Apr 11, 2025
CVE-2025-26480 5.3

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.0 contain an uncontrolled resource consumption vulnerability. An unauthenticated remote attacker...

Apr 10, 2025
CVE-2025-27690 9.8

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.0 contain a default password vulnerability that allows unauthenticated remote attackers to take ...

Apr 10, 2025
CVE-2025-26330 7.0

Dell PowerScale OneFS versions 9.4.0.0 through 9.10.0.1 contain an incorrect authorization vulnerability. An unauthenticated attacker with local acces...

Apr 10, 2025
CVE-2025-29986 8.3

Dell Common Event Enabler version 9.0.0.0 contains an improper restriction of communication channel vulnerability in its Common Anti-Virus Agent (CAVA...

Apr 8, 2025
CVE-2025-29985 6.5

Dell Common Event Enabler version 9.0.0.0 contains an insecure default configuration vulnerability in its Common Anti-Virus Agent component. Unauthent...

Apr 8, 2025
CVE-2025-27692 4.7

Dell Wyse Management Suite versions before 5.1 have a vulnerability where high-privileged attackers with remote access can upload dangerous file types...

Apr 2, 2025
CVE-2025-27694 5.3

Dell Wyse Management Suite versions before 5.1 contain an insufficient resource pool vulnerability that allows unauthenticated remote attackers to cau...

Apr 2, 2025
CVE-2025-29981 7.5

Dell Wyse Management Suite versions before 5.1 expose sensitive information through data queries. Unauthenticated remote attackers can exploit this vu...

Apr 2, 2025
CVE-2025-24381 8.8

Dell Unity storage systems version 5.4 and earlier contain an open redirect vulnerability that allows unauthenticated attackers to redirect users to m...

Mar 28, 2025
CVE-2025-24385 7.8

This OS command injection vulnerability in Dell Unity storage systems allows attackers with local access to execute arbitrary commands with elevated p...

Mar 28, 2025
CVE-2025-24386 7.8

This CVE describes an OS command injection vulnerability in Dell Unity storage systems. A low-privileged attacker with local access can execute arbitr...

Mar 28, 2025

Why Monitor Dell Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 469+ known vulnerabilities affecting Dell products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Dell packages in under 60 seconds. No agents required - completely agentless scanning that works across Dell deployments.

Free vulnerability database: Access detailed information about every Dell CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Dell CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions