Filtered by vendor Dell
Subscriptions
Total
1366 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29989 | 1 Dell | 8 Precision 5820 Tower, Precision 5820 Tower Firmware, Precision 7820 Tower and 5 more | 2025-08-18 | 3.1 Low |
| Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial. | ||||
| CVE-2025-36581 | 1 Dell | 3 Poweredge R6415, Poweredge R7415, Poweredge R7425 | 2025-08-16 | 3.8 Low |
| Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2025-36605 | 1 Dell | 1 Unity Operating Environment | 2025-08-15 | 6.1 Medium |
| Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | ||||
| CVE-2025-36606 | 1 Dell | 1 Unity Operating Environment | 2025-08-15 | 7.8 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. | ||||
| CVE-2025-36607 | 1 Dell | 1 Unity Operating Environment | 2025-08-15 | 7.8 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. | ||||
| CVE-2025-29984 | 1 Dell | 1 Trusted Device Agent | 2025-08-15 | 6.7 Medium |
| Dell Trusted Device, versions prior to 7.0.3.0, contain an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-29983 | 1 Dell | 1 Trusted Device Agent | 2025-08-15 | 6.7 Medium |
| Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-36582 | 1 Dell | 1 Networker | 2025-08-14 | 4.8 Medium |
| Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-21120 | 1 Dell | 2 Avamar Data Store, Avamar Server | 2025-08-07 | 8.3 High |
| Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2025-26476 | 1 Dell | 2 Elastic Cloud Storage, Objectscale | 2025-08-07 | 8.4 High |
| Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2025-30477 | 1 Dell | 1 Powerscale Onefs | 2025-08-06 | 4.4 Medium |
| Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-32744 | 1 Dell | 1 Appsync | 2025-08-06 | 6.6 Medium |
| Dell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. | ||||
| CVE-2025-36603 | 1 Dell | 1 Appsync | 2025-08-06 | 4.2 Medium |
| Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. | ||||
| CVE-2025-36608 | 1 Dell | 1 Smartfabric Os10 | 2025-08-06 | 6.5 Medium |
| Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2025-30103 | 1 Dell | 1 Smartfabric Os10 | 2025-08-06 | 5.5 Medium |
| Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker. | ||||
| CVE-2025-36609 | 1 Dell | 1 Smartfabric Os10 | 2025-08-06 | 2.5 Low |
| Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-38741 | 1 Dell | 1 Enterprise Sonic Os | 2025-08-05 | 7.5 High |
| Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication. | ||||
| CVE-2025-26332 | 1 Dell | 1 Techadvisor | 2025-08-05 | 8.8 High |
| TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | ||||
| CVE-2025-30105 | 1 Dell | 1 Xtremio X2 | 2025-08-05 | 8.8 High |
| Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | ||||
| CVE-2025-36611 | 1 Dell | 2 Encryption, Security Management Server | 2025-08-05 | 7.3 High |
| Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link Following') Vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation. | ||||