Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Total 760 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-22575 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 8.8 HIGH
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges.
CVE-2022-46756 1 Dell 1 Vxrail Manager 2023-02-08 N/A 6.7 MEDIUM
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
CVE-2022-45102 1 Dell 5 Dp4400, Dp4400 Firmware, Dp5900 and 2 more 2023-02-08 N/A 6.1 MEDIUM
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections.
CVE-2023-23692 1 Dell 1 Emc Data Domain Os 2023-02-08 N/A 8.8 HIGH
Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.
CVE-2022-34396 1 Dell 1 Openmanage Server Administrator 2023-02-08 N/A 7.8 HIGH
Dell OpenManage Server Administrator (OMSA) version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. Exploitation may lead to a complete system compromise.
CVE-2022-34443 1 Dell 1 Rugged Control Center 2023-02-08 N/A 7.8 HIGH
Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges.
CVE-2022-34459 1 Dell 3 Alienware Update, Command Update, Update 2023-02-08 N/A 7.8 HIGH
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution.
CVE-2022-34458 1 Dell 3 Alienware Update, Command Update, Update 2023-02-08 N/A 5.5 MEDIUM
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the disclosure of confidential data.
CVE-2022-45095 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 6.7 MEDIUM
Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.
CVE-2023-22572 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 7.8 HIGH
Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover.
CVE-2022-45101 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 9.8 CRITICAL
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and remote execution.
CVE-2022-45097 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 8.8 HIGH
Dell PowerScale OneFS 9.0.0.x-9.4.0.x contains an Incorrect User Management vulnerability. A low privileged network attacker could potentially exploit this vulnerability, leading to escalation of privileges, and information disclosure.
CVE-2022-45096 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 6.5 MEDIUM
Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. An unauthenticated remote user could unintentionally lead an administrator to enable this vulnerability, leading to disclosure of information.
CVE-2022-46679 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 7.5 HIGH
Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
CVE-2022-45098 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 5.5 MEDIUM
Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure.
CVE-2022-45100 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 9.8 CRITICAL
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to a full compromise of the system.
CVE-2022-45099 1 Dell 1 Emc Powerscale Onefs 2023-02-08 N/A 7.8 HIGH
Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. A malicious and privileged local attacker could potentially exploit this vulnerability, leading to a full system compromise
CVE-2019-3721 1 Dell 1 Emc Openmanage Server Administrator 2023-02-03 7.8 HIGH 7.5 HIGH
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a crash due to excessive memory consumption and preventing users from accessing the system.
CVE-2022-34405 1 Dell 34 Alienware Area 51m R1, Alienware Area 51m R2, Alienware Aurora R10 and 31 more 2023-02-03 N/A 7.3 HIGH
An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.
CVE-2023-23691 1 Dell 6 Powervault Me5012, Powervault Me5012 Firmware, Powervault Me5024 and 3 more 2023-02-01 N/A 8.8 HIGH
Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim's browser to desynchronize its connection with the website, typically leading to XSS and DoS.