Filtered by vendor Dell
Subscriptions
Total
1201 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34432 | 1 Dell | 1 Hybrid Client | 2024-11-21 | 7.3 High |
| Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders. | ||||
| CVE-2022-34431 | 1 Dell | 1 Hybrid Client | 2024-11-21 | 6.5 Medium |
| Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially exploit this vulnerability, leading to DHC system not being accessible. | ||||
| CVE-2022-34430 | 1 Dell | 1 Hybrid Client | 2024-11-21 | 7.1 High |
| Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. | ||||
| CVE-2022-34429 | 1 Dell | 1 Hybrid Client | 2024-11-21 | 6.5 Medium |
| Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. | ||||
| CVE-2022-34428 | 1 Dell | 1 Hybrid Client | 2024-11-21 | 5 Medium |
| Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. An adversary with WMS group admin access could potentially exploit this vulnerability, leading to temporary denial-of-service. | ||||
| CVE-2022-34427 | 1 Dell | 1 Container Storage Modules | 2024-11-21 | 8.8 High |
| Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution. | ||||
| CVE-2022-34426 | 1 Dell | 1 Container Storage Modules | 2024-11-21 | 8.8 High |
| Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. A remote unauthenticated attacker could exploit this vulnerability leading to unintentional access to path outside of restricted directory. | ||||
| CVE-2022-34425 | 1 Dell | 1 Enterprise Sonic Distribution | 2024-11-21 | 7.5 High |
| Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication. | ||||
| CVE-2022-34424 | 1 Dell | 1 Smartfabric Os10 | 2024-11-21 | 7.5 High |
| Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans. | ||||
| CVE-2022-34402 | 1 Dell | 7 Latitude 3420, Optiplex 3000 Thin Client, Wyse 3040 Thin Client and 4 more | 2024-11-21 | 6.8 Medium |
| Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service. | ||||
| CVE-2022-34394 | 1 Dell | 1 Smartfabric Os10 | 2024-11-21 | 3.7 Low |
| Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information. | ||||
| CVE-2022-34391 | 1 Dell | 4 Alienware Area-51 R4, Alienware Area-51 R4 Firmware, Alienware Area-51 R5 and 1 more | 2024-11-21 | 7.5 High |
| Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
| CVE-2022-34383 | 1 Dell | 2 Edge Gateway 5200, Edge Gateway 5200 Firmware | 2024-11-21 | 8.1 High |
| Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM. | ||||
| CVE-2022-34382 | 1 Dell | 3 Alienware Update, Command Update, Update | 2024-11-21 | 7.8 High |
| Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges. | ||||
| CVE-2022-34381 | 1 Dell | 2 Bsafe Crypto-j, Bsafe Ssl-j | 2024-11-21 | 9.1 Critical |
| Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | ||||
| CVE-2022-34380 | 1 Dell | 1 Cloudlink | 2024-11-21 | 9.3 Critical |
| Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system. | ||||
| CVE-2022-34379 | 1 Dell | 1 Cloudlink | 2024-11-21 | 9.4 Critical |
| Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attacker, with the knowledge of the active directory usernames, could potentially exploit this vulnerability to gain unauthorized access to the system. | ||||
| CVE-2022-34378 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 5.5 Medium |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2022-34375 | 1 Dell | 1 Container Storage Modules | 2024-11-21 | 8.8 High |
| Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to unintentional access to path outside of restricted directory. | ||||
| CVE-2022-34374 | 1 Dell | 1 Container Storage Modules | 2024-11-21 | 8.8 High |
| Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to to execute arbitrary OS commands on the affected system. | ||||