Filtered by vendor Dell
Subscriptions
Total
1403 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-38746 | 1 Dell | 1 Supportassist Os Recovery | 2025-08-18 | 3.5 Low |
| Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure. | ||||
| CVE-2025-38747 | 1 Dell | 1 Supportassist Os Recovery | 2025-08-18 | 7.8 High |
| Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to Elevation of Privileges. | ||||
| CVE-2025-21110 | 1 Dell | 1 Data Lakehouse | 2025-08-18 | 6.7 Medium |
| Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | ||||
| CVE-2025-21104 | 1 Dell | 2 Networker, Networker Management Console | 2025-08-18 | 4.3 Medium |
| Dell NetWorker, versions prior to 19.12.0.1 and versions prior to 19.11.0.4, contain(s) an Open Redirect Vulnerability in NMC. An unauthenticated attacker with remoter access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. | ||||
| CVE-2025-29989 | 1 Dell | 8 Precision 5820 Tower, Precision 5820 Tower Firmware, Precision 7820 Tower and 5 more | 2025-08-18 | 3.1 Low |
| Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial. | ||||
| CVE-2025-36581 | 1 Dell | 3 Poweredge R6415, Poweredge R7415, Poweredge R7425 | 2025-08-16 | 3.8 Low |
| Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2025-36605 | 1 Dell | 1 Unity Operating Environment | 2025-08-15 | 6.1 Medium |
| Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | ||||
| CVE-2025-36606 | 1 Dell | 1 Unity Operating Environment | 2025-08-15 | 7.8 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. | ||||
| CVE-2025-36607 | 1 Dell | 1 Unity Operating Environment | 2025-08-15 | 7.8 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. | ||||
| CVE-2025-29984 | 1 Dell | 1 Trusted Device Agent | 2025-08-15 | 6.7 Medium |
| Dell Trusted Device, versions prior to 7.0.3.0, contain an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-29983 | 1 Dell | 1 Trusted Device Agent | 2025-08-15 | 6.7 Medium |
| Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-36582 | 1 Dell | 1 Networker | 2025-08-14 | 4.8 Medium |
| Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-21120 | 1 Dell | 2 Avamar Data Store, Avamar Server | 2025-08-07 | 8.3 High |
| Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2025-26476 | 1 Dell | 2 Elastic Cloud Storage, Objectscale | 2025-08-07 | 8.4 High |
| Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2025-30477 | 1 Dell | 1 Powerscale Onefs | 2025-08-06 | 4.4 Medium |
| Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2025-32744 | 1 Dell | 1 Appsync | 2025-08-06 | 6.6 Medium |
| Dell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. | ||||
| CVE-2025-36603 | 1 Dell | 1 Appsync | 2025-08-06 | 4.2 Medium |
| Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. | ||||
| CVE-2025-36608 | 1 Dell | 1 Smartfabric Os10 | 2025-08-06 | 6.5 Medium |
| Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2025-30103 | 1 Dell | 1 Smartfabric Os10 | 2025-08-06 | 5.5 Medium |
| Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker. | ||||
| CVE-2025-36609 | 1 Dell | 1 Smartfabric Os10 | 2025-08-06 | 2.5 Low |
| Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||