Filtered by vendor Dell
Subscriptions
Total
1550 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40638 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2026-05-13 | 6.7 Medium |
| Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | ||||
| CVE-2026-35071 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2026-05-12 | 8.2 High |
| Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2026-35157 | 1 Dell | 3 Ecs, Elastic Cloud Storage, Objectscale | 2026-05-12 | 5.8 Medium |
| Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote execution. | ||||
| CVE-2026-26946 | 1 Dell | 3 Ecs, Elastic Cloud Storage, Objectscale | 2026-05-12 | 6.7 Medium |
| Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | ||||
| CVE-2026-40636 | 1 Dell | 3 Ecs, Elastic Cloud Storage, Objectscale | 2026-05-12 | 9.8 Critical |
| Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker. | ||||
| CVE-2026-35154 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-11 | 6.3 Medium |
| Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges to access unauthorized delete operation. | ||||
| CVE-2026-32803 | 1 Dell | 1 Powerscale Onefs | 2026-05-08 | 3.3 Low |
| Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | ||||
| CVE-2026-23853 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance | 2026-05-08 | 8.4 High |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to the system. | ||||
| CVE-2026-35072 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance | 2026-05-08 | 6.7 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command ('OS command injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | ||||
| CVE-2026-35073 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-08 | 6.7 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | ||||
| CVE-2026-35074 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance | 2026-05-08 | 6.7 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS Command Injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | ||||
| CVE-2026-35153 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance | 2026-05-08 | 6.7 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of argument delimiters in a command ('argument injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. | ||||
| CVE-2025-46605 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-08 | 6.2 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain a session fixation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | ||||
| CVE-2025-46606 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-08 | 6.2 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper restriction of excessive authentication attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | ||||
| CVE-2025-46607 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-05 | 6.6 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | ||||
| CVE-2026-23777 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-05 | 4.3 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an exposure of sensitive information to an unauthorized actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information exposure. | ||||
| CVE-2026-28263 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-05 | 5.9 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a cross-site Scripting vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. | ||||
| CVE-2025-46641 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-05-05 | 6.6 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | ||||
| CVE-2026-27105 | 1 Dell | 2 Alienware Purchased Apps, Dell\/alienware Purchased Apps | 2026-05-05 | 6.3 Medium |
| Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write | ||||
| CVE-2026-35155 | 1 Dell | 2 Idrac10, Idrac10 Firmware | 2026-05-01 | 7.1 High |
| Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerability exists that could allow an authenticated low‑privileged attacker to gain elevated access. | ||||