Vulnerabilities (CVE)

Filtered by vendor Dell Subscribe
Total 968 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-23161 1 Dell 1 Emc Powerscale Onefs 2022-09-30 5.0 MEDIUM 7.5 HIGH
Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service.
CVE-2022-24409 1 Dell 1 Bsafe Ssl-j 2022-09-30 7.5 HIGH 7.5 HIGH
Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Only customers with active BSAFE maintenance contracts can receive details about this vulnerability. Public disclosure of the vulnerability details will be shared at a later date.
CVE-2022-34424 1 Dell 1 Smartfabric Os10 2022-09-30 N/A 7.5 HIGH
Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.
CVE-2020-5351 1 Dell 1 Emc Data Protection Advisor 2022-09-20 5.0 MEDIUM 7.5 HIGH
Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only privileges.
CVE-2022-31221 1 Dell 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more 2022-09-15 N/A 2.3 LOW
Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order access sensitive state information on the system.
CVE-2022-31220 1 Dell 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more 2022-09-15 N/A 5.1 MEDIUM
Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.
CVE-2022-31224 1 Dell 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more 2022-09-15 N/A 2.4 LOW
Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior of the system.
CVE-2022-31223 1 Dell 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more 2022-09-15 N/A 2.3 LOW
Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by sending unexpected null bytes in order to read memory on the system.
CVE-2022-31226 1 Dell 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more 2022-09-15 N/A 7.8 HIGH
Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.
CVE-2022-31225 1 Dell 50 Chengming 3900, Chengming 3900 Firmware, Inspiron 14 Plus 7420 and 47 more 2022-09-15 N/A 5.1 MEDIUM
Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.
CVE-2022-26861 1 Dell 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more 2022-09-14 N/A 7.8 HIGH
Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.
CVE-2022-26858 1 Dell 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more 2022-09-13 N/A 7.8 HIGH
Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.
CVE-2022-26859 1 Dell 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more 2022-09-13 N/A 7.0 HIGH
Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.
CVE-2022-26860 1 Dell 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more 2022-09-13 N/A 7.8 HIGH
Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.
CVE-2022-34378 1 Dell 1 Emc Powerscale Onefs 2022-09-08 N/A 5.5 MEDIUM
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service.
CVE-2022-34369 1 Dell 1 Emc Powerscale Onefs 2022-09-08 N/A 7.5 HIGH
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive information in log files vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to exposure of this sensitive data.
CVE-2022-31232 1 Dell 1 Smartfabric Storage Software 2022-09-08 N/A 9.8 CRITICAL
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system.
CVE-2022-33935 1 Dell 1 Emc Data Protection Advisor 2022-09-07 N/A 5.4 MEDIUM
Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
CVE-2022-34383 1 Dell 2 Edge Gateway 5200, Edge Gateway 5200 Firmware 2022-09-07 N/A 8.2 HIGH
Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM.
CVE-2022-34373 1 Dell 1 Command \| Integration Suite For System Center 2022-09-07 N/A 7.8 HIGH
Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system.