Filtered by vendor Dell
Subscriptions
Total
1426 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-125113 | 2 Dell, Quest | 2 Kace K1000 Systems Management Appliance Software, Kace Systems Management Appliance | 2025-11-21 | N/A |
| An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 - 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the download_agent.php endpoint. An attacker can upload arbitrary PHP files to a temporary web-accessible directory, which are later executed through inclusion in backend code that loads files under attacker-controlled paths. | ||||
| CVE-2025-36553 | 2 Broadcom, Dell | 2 Bcm5820x, Controlvault3 | 2025-11-19 | 8.8 High |
| A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. | ||||
| CVE-2025-32089 | 2 Broadcom, Dell | 2 Bcm5820x, Controlvault3 | 2025-11-19 | 8.8 High |
| A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability. | ||||
| CVE-2025-36460 | 3 Broadcom, Dell, Microsoft | 3 Bcm5820x, Controllvault3, Windows | 2025-11-19 | 7.3 High |
| Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 2 (`WBIO_USH_GET_IDENTITY`) with an improper `ReceiveBuferSize` value. | ||||
| CVE-2025-36462 | 2 Broadcom, Dell | 2 Bcm5820x, Controlvault3 | 2025-11-19 | 7.3 High |
| Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 3 (`WBIO_USH_CREATE_CHALLENGE`) with an invalid `ReceiveBuferSize`. | ||||
| CVE-2025-36463 | 3 Broadcom, Dell, Microsoft | 3 Bcm5820x, Controlvault3, Windows | 2025-11-19 | 7.3 High |
| Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 4 (`WBIO_USH_ADD_RECORD`) and with an invalid `SendBufferSize`. | ||||
| CVE-2024-48829 | 1 Dell | 1 Smartfabric Os10 | 2025-11-17 | 6.7 Medium |
| Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2025-46427 | 1 Dell | 1 Smartfabric Os10 | 2025-11-17 | 8.8 High |
| Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2025-46428 | 1 Dell | 1 Smartfabric Os10 | 2025-11-17 | 8.8 High |
| Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2025-46362 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | 6.6 Medium |
| Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering. | ||||
| CVE-2025-46368 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | 6.6 Medium |
| Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | ||||
| CVE-2025-46369 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | 7.8 High |
| Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation. | ||||
| CVE-2025-46370 | 1 Dell | 1 Alienware Command Center | 2025-11-17 | 3.3 Low |
| Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Process Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure. | ||||
| CVE-2025-43723 | 1 Dell | 1 Powerscale Onefs | 2025-11-14 | 5.9 Medium |
| Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-46430 | 1 Dell | 1 Display And Peripheral Manager | 2025-11-12 | 7.3 High |
| Dell Display and Peripheral Manager, versions prior to 2.1.2.12, contains an Execution with Unnecessary Privileges vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | ||||
| CVE-2025-36592 | 1 Dell | 2 Policy Manager For Secure Connect Gateway, Secure Connect Gateway Policy Manager | 2025-11-10 | 5.4 Medium |
| Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Script injection. | ||||
| CVE-2020-11899 | 2 Dell, Treck | 7 Wyse 5030, Wyse 5030 Firmware, Wyse 5050 All-in-one and 4 more | 2025-11-07 | 5.4 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | ||||
| CVE-2025-30479 | 1 Dell | 1 Cloudlink | 2025-11-07 | 8.4 High |
| Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system. | ||||
| CVE-2025-46424 | 1 Dell | 1 Cloudlink | 2025-11-07 | 6.7 Medium |
| Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service. | ||||
| CVE-2025-46366 | 1 Dell | 1 Cloudlink | 2025-11-07 | 6.7 Medium |
| Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information. | ||||