Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Total 760 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-5387 1 Dell 2 Xps 13 9370, Xps 13 9370 Firmware 2023-01-31 4.9 MEDIUM 4.4 MEDIUM
Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability. A local attacker with physical access could exploit this vulnerability to prevent the system from booting until the exploited boot device is removed.
CVE-2022-24423 1 Dell 2 Integrated Dell Remote Access Controller 8, Integrated Dell Remote Access Controller 8 Firmware 2023-01-31 5.0 MEDIUM 7.5 HIGH
Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to cause resource exhaustion in the webserver, resulting in a denial of service condition.
CVE-2022-45103 1 Dell 8 Emc Solutions Enabler Virtual Appliance, Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance and 5 more 2023-01-30 N/A 6.5 MEDIUM
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.
CVE-2023-23690 1 Dell 1 Cloud Mobility For Dell Emc Storage 2023-01-27 N/A 7.0 HIGH
Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attacker could perform a man-in-the-middle attack and eavesdrop on encrypted communications from Cloud Mobility to Cloud Storage devices. Exploitation could lead to the compromise of secret and sensitive information, cloud storage connection downtime, and the integrity of the connection to the Cloud devices.
CVE-2022-34457 1 Dell 1 Command\|configure 2023-01-26 N/A 7.8 HIGH
Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secured path which leads to privilege escalation. This is critical severity vulnerability as it allows non-admin to modify the files inside installed directory and able to make application unavailable for all users.
CVE-2022-34436 1 Dell 2 Idrac8, Idrac8 Firmware 2023-01-26 N/A 4.9 MEDIUM
Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.
CVE-2022-34435 1 Dell 2 Idrac9, Idrac9 Firmware 2023-01-26 N/A 4.9 MEDIUM
Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.
CVE-2022-34399 1 Dell 30 Alienware M15 A6, Alienware M15 A6 Firmware, Alienware M15 Ryzen Edition R5 and 27 more 2023-01-26 N/A 2.3 LOW
Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM.
CVE-2022-34462 1 Dell 1 Emc Secure Connect Gateway Policy Manager 2023-01-25 N/A 7.8 HIGH
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges.
CVE-2022-34442 1 Dell 1 Emc Secure Connect Gateway Policy Manager 2023-01-25 N/A 9.8 CRITICAL
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges.
CVE-2022-34460 1 Dell 52 G5 Se 5505, G5 Se 5505 Firmware, Inspiron 27 7775 and 49 more 2023-01-25 N/A 7.8 HIGH
Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-34456 1 Dell 1 Emc Metro Node 2023-01-25 N/A 8.8 HIGH
Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.
CVE-2022-34401 1 Dell 6 Alienware M15 A6, Alienware M15 A6 Firmware, Alienware M17 Ryzen R5 and 3 more 2023-01-25 N/A 7.5 HIGH
Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.
CVE-2022-34393 1 Dell 52 G5 Se 5505, G5 Se 5505 Firmware, Inspiron 27 7775 and 49 more 2023-01-25 N/A 7.5 HIGH
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32490 1 Dell 6 Edge Gateway 3000, Edge Gateway 3000 Firmware, Edge Gateway 5000 and 3 more 2023-01-25 N/A 7.8 HIGH
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-34440 1 Dell 1 Emc Secure Connect Gateway Policy Manager 2023-01-19 N/A 9.8 CRITICAL
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges.
CVE-2022-34441 1 Dell 1 Emc Secure Connect Gateway Policy Manager 2023-01-19 N/A 9.8 CRITICAL
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges.
CVE-2021-36338 1 Dell 7 Powermax Os, Solutions Enabler, Solutions Enabler Virtual Appliance and 4 more 2022-12-09 5.2 MEDIUM 8.0 HIGH
Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to. CVE-2022-31233 addresses the partial fix in CVE-2021-36338.
CVE-2020-29506 2 Dell, Oracle 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more 2022-11-28 7.5 HIGH 9.8 CRITICAL
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.
CVE-2020-29507 2 Dell, Oracle 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more 2022-11-28 7.5 HIGH 9.8 CRITICAL
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability.