Dell Security Vulnerabilities (CVEs)

Track 469 security vulnerabilities affecting Dell products and software. Get instant email alerts when new CVEs are discovered, along with automated security monitoring and patch guidance.

40 Critical
283 High
143 Medium
3 Low
CVE-2022-34421 7.5

This vulnerability allows a local malicious user with high privileges to exploit improper SMM communication buffer verification in Dell PowerEdge and ...

Mar 16, 2023
CVE-2022-34409 7.5

This vulnerability allows a local attacker with high privileges to exploit improper buffer verification in Dell PowerEdge and Precision BIOS System Ma...

Mar 16, 2023
CVE-2022-34411 7.5

This vulnerability allows a local attacker with high privileges to exploit improper SMM communication buffer verification in Dell PowerEdge and Precis...

Mar 16, 2023
CVE-2022-34413 7.5

This vulnerability allows a local malicious user with high privileges to exploit improper SMM communication buffer verification in Dell PowerEdge and ...

Mar 16, 2023
CVE-2022-34415 7.5

This vulnerability allows a local attacker with high privileges to exploit improper SMM communication buffer verification in Dell PowerEdge and Precis...

Mar 16, 2023
CVE-2022-34417 7.5

This vulnerability allows a local attacker with high privileges to exploit improper buffer verification in Dell PowerEdge and Precision BIOS System Ma...

Mar 16, 2023
CVE-2022-34419 7.5

This vulnerability allows a local malicious user with high privileges to exploit improper SMM communication buffer verification in Dell PowerEdge and ...

Mar 16, 2023
CVE-2022-34407 7.5

This vulnerability allows a local malicious user with high privileges to exploit improper SMM communication buffer verification in Dell PowerEdge and ...

Mar 16, 2023
CVE-2023-24571 7.5

Dell BIOS contains an improper input validation vulnerability that allows local authenticated users with administrator privileges to execute arbitrary...

Mar 16, 2023
CVE-2023-25544 7.5

Dell NetWorker versions 19.5 and earlier expose Apache Tomcat version information, allowing attackers to fingerprint the software. This vulnerability ...

Mar 1, 2023
CVE-2022-45104 8.8

This vulnerability allows a low-privileged remote attacker to execute arbitrary commands on Dell Unisphere for PowerMax vApp, VASA Provider vApp, and ...

Feb 11, 2023
CVE-2022-46754 8.7

This vulnerability allows authenticated admin users in Dell Wyse Management Suite to access pro license features they are not authorized to use, enabl...

Feb 11, 2023
CVE-2022-34445 6.0

CVE-2022-34445 is a weak password encoding vulnerability in Dell PowerScale OneFS that allows local privileged attackers to potentially decode stored ...

Feb 11, 2023
CVE-2022-34388 7.1

This vulnerability allows local low-privileged users to view and modify sensitive information in Dell SupportAssist's database. It affects both Home a...

Feb 11, 2023
CVE-2022-34446 8.8

This vulnerability allows authenticated remote users with limited privileges (like Monitoring role) to bypass authorization controls in PowerPath Mana...

Feb 11, 2023
CVE-2022-34448 8.8

CVE-2022-34448 is a Cross-Site Request Forgery (CSRF) vulnerability in Dell PowerPath Management Appliance that allows unauthenticated users to trick ...

Feb 11, 2023
CVE-2022-34384 7.8

This CVE describes a local privilege escalation vulnerability in Dell's Advanced Driver Restore component. A local malicious user can exploit this to ...

Feb 11, 2023
CVE-2022-33934 7.7

Dell PowerScale OneFS versions 8.2.x through 9.4.x contain stored cross-site scripting (XSS) vulnerabilities. Remote authenticated users with high pri...

Feb 10, 2023
CVE-2023-24569 7.8

This vulnerability allows a local authenticated malicious user to send malicious input to a named pipe in Dell Alienware Command Center, potentially l...

Feb 10, 2023
CVE-2023-23696 7.0

CVE-2023-23696 is an improper authorization vulnerability in Dell Command Intel vPro Out of Band software that allows locally authenticated malicious ...

Feb 7, 2023
CVE-2023-24576 7.5

CVE-2023-24576 is an unauthenticated remote code execution vulnerability in EMC NetWorker's nsrexecd service. This allows attackers to execute arbitra...

Feb 3, 2023
CVE-2023-24574 7.5

This vulnerability in Dell Enterprise SONiC OS allows unauthenticated remote attackers to cause denial of service by exploiting an uncontrolled resour...

Feb 2, 2023
CVE-2023-22572 7.8

Dell PowerScale OneFS versions 9.1.0.x through 9.4.0.x log sensitive information (likely passwords) when users change passwords via the API. A local a...

Feb 1, 2023
CVE-2022-46756 8.2

This vulnerability allows a local high-privileged attacker to escape container isolation and execute arbitrary operating system commands on the underl...

Feb 1, 2023
CVE-2022-34396 7.0

Dell OpenManage Server Administrator (OMSA) versions 10.3.0.0 and earlier contain a DLL injection vulnerability that allows local authenticated attack...

Feb 1, 2023
CVE-2022-34403 7.5

This vulnerability allows a local authenticated attacker to execute arbitrary code in SMRAM (System Management RAM) by exploiting a stack-based buffer...

Feb 1, 2023
CVE-2022-45099 7.8

This vulnerability in Dell PowerScale OneFS involves weak encoding for NDMP passwords, allowing a malicious privileged local attacker to potentially c...

Feb 1, 2023
CVE-2022-34400 7.1

This CVE describes a heap buffer overflow vulnerability in Dell BIOS that allows a local attacker with administrative privileges to perform arbitrary ...

Feb 1, 2023
CVE-2022-34459 7.8

This vulnerability allows a local malicious user to bypass cryptographic signature verification in Dell update utilities, potentially leading to execu...

Feb 1, 2023
CVE-2022-45101 7.3

CVE-2022-45101 is an improper privilege handling vulnerability in Dell PowerScale OneFS NFS implementation. Remote unauthenticated attackers can explo...

Feb 1, 2023
CVE-2022-31234 8.1

Dell EMC PowerStore Manager GUI has an authentication rate limiting vulnerability that allows unauthenticated remote attackers to perform password bru...

Jul 21, 2022
CVE-2020-29505 7.1

CVE-2020-29505 is a key management vulnerability in Dell BSAFE cryptographic libraries that could allow attackers to compromise cryptographic operatio...

Jul 11, 2022
CVE-2020-35169 9.1

CVE-2020-35169 is an improper input validation vulnerability in Dell BSAFE cryptographic libraries that could allow attackers to execute arbitrary cod...

Jul 11, 2022
CVE-2022-32481 7.8

Dell PowerProtect Cyber Recovery versions before 19.11 contain a privilege escalation vulnerability where authenticated users with lower privileges ca...

Jul 7, 2022
CVE-2022-31229 9.6

Dell PowerScale OneFS versions 8.2.x through 9.3.0.x contain an error message that leaks sensitive information. This vulnerability allows administrato...

Jun 28, 2022
CVE-2022-31230 8.1

Dell PowerScale OneFS versions 8.2.x through 9.2.x contain a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker cou...

Jun 28, 2022
CVE-2022-29092 7.8

Dell SupportAssist contains a privilege escalation vulnerability where non-admin users can gain admin access to the system. This affects both Consumer...

Jun 10, 2022
CVE-2022-29094 7.1

This vulnerability allows authenticated non-admin users to delete or overwrite arbitrary files on systems running vulnerable versions of Dell SupportA...

Jun 10, 2022
CVE-2022-22557 7.5

Dell PowerStore storage systems store certain user credentials in plain text, allowing locally authenticated attackers to read sensitive passwords. Th...

Jun 2, 2022
CVE-2022-26869 9.8

Dell PowerStore storage systems have an open port vulnerability that allows remote unauthenticated attackers to access sensitive information and execu...

Jun 2, 2022
CVE-2020-26185 7.5

CVE-2020-26185 is a buffer over-read vulnerability in Dell BSAFE Micro Edition Suite that could allow attackers to read sensitive information from adj...

Jun 1, 2022
CVE-2022-24418 7.5

Dell BIOS contains an improper input validation vulnerability in System Management Mode (SMM). A local authenticated attacker can exploit this via Sys...

May 26, 2022
CVE-2022-24422 9.6

CVE-2022-24422 is an improper authentication vulnerability in Dell iDRAC9 that allows remote unauthenticated attackers to bypass authentication and ga...

May 26, 2022
CVE-2022-24414 7.6

Dell EMC CloudLink versions 7.1.3 and earlier expose authentication tokens in GET request URLs, which can be logged by reverse proxies and servers. At...

May 26, 2022
CVE-2022-24424 7.5

CVE-2022-24424 is a path traversal vulnerability in Dell EMC AppSync that allows remote unauthenticated attackers to read arbitrary files on the serve...

Apr 21, 2022
CVE-2022-23161 7.5

This vulnerability allows an unprivileged network attacker to cause a denial-of-service condition in Dell PowerScale OneFS SmartConnect. It affects De...

Apr 12, 2022
CVE-2022-24412 7.5

CVE-2022-24412 is an improper handling of value vulnerability in Dell EMC PowerScale OneFS, allowing an unprivileged network attacker to cause a denia...

Apr 12, 2022
CVE-2022-22549 7.5

CVE-2022-22549 is an improper certificate validation vulnerability in Dell PowerScale OneFS storage systems. Unauthenticated remote attackers can expl...

Apr 12, 2022
CVE-2022-22559 7.5

Dell PowerScale OneFS version 9.3.0 uses a broken or risky cryptographic algorithm, allowing unprivileged network attackers to potentially decrypt sen...

Apr 12, 2022
CVE-2022-22561 8.1

Dell PowerScale OneFS versions 8.2.x through 9.3.0.x have an authentication rate limiting vulnerability that allows unauthenticated remote attackers t...

Apr 12, 2022

Why Monitor Dell Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 469+ known vulnerabilities affecting Dell products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Dell packages in under 60 seconds. Scanning is completely agentless and works across Dell deployments.

Free vulnerability database: Access detailed information about every Dell CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Dell CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions