Filtered by vendor Dell
Subscriptions
Total
1426 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46676 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-01-13 | 2.7 Low |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-27686 | 1 Dell | 1 Unisphere For Powermax | 2026-01-12 | 2.7 Low |
| Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. | ||||
| CVE-2025-29988 | 1 Dell | 522 14 Plus 2-in-1 Db04250, 14 Plus 2-in-1 Db04250 Firmware, 14 Plus Db14250 and 519 more | 2026-01-12 | 6.9 Medium |
| Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution. | ||||
| CVE-2025-46696 | 1 Dell | 2 Secure Connect Gateway Appliance, Secure Connect Gateway Application | 2026-01-08 | 6.4 Medium |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-43995 | 1 Dell | 2 Dell Storage Manager, Storage Manager | 2026-01-07 | 9.8 Critical |
| Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Authentication Bypass in DSM Data Collector. An unauthenticated remote attacker can access APIs exposed by ApiProxy.war in DataCollectorEar.ear by using a special SessionKey and UserId. These userid are special users created in compellentservicesapi for special purposes. | ||||
| CVE-2024-39580 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2025-12-31 | 6.7 Medium |
| Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2024-39581 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2025-12-31 | 7.3 High |
| Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files. | ||||
| CVE-2024-39582 | 1 Dell | 1 Insightiq | 2025-12-31 | 2.3 Low |
| Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2024-39583 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2025-12-31 | 8.1 High |
| Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2022-34381 | 1 Dell | 2 Bsafe Crypto-j, Bsafe Ssl-j | 2025-12-16 | 9.1 Critical |
| Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | ||||
| CVE-2025-46636 | 1 Dell | 1 Encryption | 2025-12-10 | 6.6 Medium |
| Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | ||||
| CVE-2025-46637 | 1 Dell | 1 Encryption | 2025-12-10 | 7.3 High |
| Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-22399 | 1 Dell | 1 Utility Configuration Collector Edge | 2025-12-06 | 7.9 High |
| Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery | ||||
| CVE-2025-21103 | 1 Dell | 2 Networker, Networker Management Console | 2025-12-06 | 7.8 High |
| Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization of server-side vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability and run arbitrary code on the server. | ||||
| CVE-2025-46608 | 1 Dell | 1 Data Lakehouse | 2025-12-05 | 9.1 Critical |
| Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data. Dell recommends customers upgrade to the latest version at the earliest opportunity. | ||||
| CVE-2025-36461 | 2 Broadcom, Dell | 2 Bcm5820x, Controlvault3 | 2025-12-01 | 7.3 High |
| Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 0 (`WBIO_USH_GET_TEMPLATE`) and with either and an invalid `ReceiveBuferSize` and/or an invalid `SendBufferSize`. | ||||
| CVE-2025-31361 | 2 Broadcom, Dell | 2 Bcm5820x, Controlvault3 | 2025-12-01 | 8.7 High |
| A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue an api call to trigger this vulnerability. | ||||
| CVE-2025-31649 | 2 Broadcom, Dell | 2 Bcm5820x, Controlvault3 | 2025-12-01 | 8.7 High |
| A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call to trigger this vulnerability. | ||||
| CVE-2024-52541 | 1 Dell | 784 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 781 more | 2025-12-01 | 8.2 High |
| Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | ||||
| CVE-2025-46367 | 1 Dell | 1 Alienware Command Center | 2025-12-01 | 7.8 High |
| Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Detection of Error Condition Without Action vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary Code Execution. | ||||