Filtered by vendor Dell
Subscribe
Total
968 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19620 | 1 Dell | 1 Red Cloak Windows Agent | 2023-11-07 | 2.1 LOW | 3.3 LOW |
| In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. This is limited in scope to the collection of process-execution telemetry, for executions against specific files where the SYSTEM user was denied access to the source file. | |||||
| CVE-2014-1671 | 1 Dell | 5 Kace K1000 Systems Management Appliance, Kace K1000 Systems Management Appliance Software, Kace K1000 Systems Management Virtual Appliance and 2 more | 2023-11-07 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and possibly earlier allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the macAddress element in a (1) getUploadPath or (2) getKBot SOAP request to service/kbot_service.php; the ID parameter to (3) userui/advisory_detail.php or (4) userui/ticket.php; and the (5) ORDER[] parameter to userui/ticket_list.php. | |||||
| CVE-2007-3351 | 3 Dell, Microsoft, Sj Labs | 3 Axim X3, Windows Mobile, Sjphone | 2023-11-07 | 7.8 HIGH | N/A |
| The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim X3 running Windows Mobile 2003, allows remote attackers to cause a denial of service (device hang and traffic amplification) via a direct crafted INVITE transaction, which causes the phone to transmit many RTP packets. | |||||
| CVE-2023-39250 | 1 Dell | 3 Replay Manager For Vmware, Storage Integration Tools For Vmware, Storage Vsphere Client Plugin | 2023-11-03 | N/A | 5.5 MEDIUM |
| Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. | |||||
| CVE-2023-43067 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2023-10-28 | N/A | 6.5 MEDIUM |
| Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack could potentially exploit this vulnerability disclosing local files in the file system. | |||||
| CVE-2023-43074 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2023-10-28 | N/A | 7.5 HIGH |
| Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server. | |||||
| CVE-2023-43065 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2023-10-28 | N/A | 5.4 MEDIUM |
| Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these issues to obtain escalated privileges. | |||||
| CVE-2023-43066 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2023-10-28 | N/A | 7.8 HIGH |
| Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands. | |||||
| CVE-2023-43079 | 1 Dell | 1 Emc Openmanage Server Administrator | 2023-10-20 | N/A | 7.8 HIGH |
| Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system. Exploitation may lead to a complete system compromise. | |||||
| CVE-2023-32485 | 1 Dell | 1 Smartfabric Storage Software | 2023-10-07 | N/A | 9.8 CRITICAL |
| Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity. | |||||
| CVE-2023-43068 | 1 Dell | 1 Smartfabric Storage Software | 2023-10-06 | N/A | 8.8 HIGH |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands. | |||||
| CVE-2023-43070 | 1 Dell | 1 Smartfabric Storage Software | 2023-10-06 | N/A | 6.5 MEDIUM |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. A remote authenticated attacker could potentially exploit this vulnerability, leading to modify or write arbitrary files to arbitrary locations in the license container. | |||||
| CVE-2023-43069 | 1 Dell | 1 Smartfabric Storage Software | 2023-10-06 | N/A | 7.8 HIGH |
| Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker. | |||||
| CVE-2023-43071 | 1 Dell | 1 Smartfabric Storage Software | 2023-10-06 | N/A | 5.4 MEDIUM |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks. | |||||
| CVE-2023-43072 | 1 Dell | 1 Smartfabric Storage Software | 2023-10-06 | N/A | 7.8 HIGH |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands. | |||||
| CVE-2023-43073 | 1 Dell | 1 Smartfabric Storage Software | 2023-10-06 | N/A | 6.5 MEDIUM |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data. | |||||
| CVE-2023-4401 | 1 Dell | 1 Smartfabric Storage Software | 2023-10-06 | N/A | 8.8 HIGH |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access. | |||||
| CVE-2023-32477 | 1 Dell | 1 Common Event Enabler | 2023-10-03 | N/A | 7.8 HIGH |
| Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges. | |||||
| CVE-2023-4129 | 1 Dell | 1 Data Protection Central | 2023-10-02 | N/A | 7.5 HIGH |
| Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext. | |||||
| CVE-2023-28055 | 1 Dell | 1 Networker | 2023-09-29 | N/A | 8.8 HIGH |
| Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends customers to upgrade at the earliest opportunity. | |||||