Export limit exceeded: 16462 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1561 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-26859 | 1 Dell | 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more | 2025-06-11 | 6.1 Medium |
| Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM. | ||||
| CVE-2022-26860 | 1 Dell | 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more | 2025-06-11 | 7.5 High |
| Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM. | ||||
| CVE-2022-26861 | 1 Dell | 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more | 2025-06-11 | 7.9 High |
| Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM. | ||||
| CVE-2022-26858 | 1 Dell | 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more | 2025-06-11 | 6.1 Medium |
| Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls. | ||||
| CVE-2025-36572 | 1 Dell | 12 Powerstore 1000t, Powerstore 1200t, Powerstore 3000t and 9 more | 2025-06-09 | 6.5 Medium |
| Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to gain unauthorized access based on the hardcoded account's privileges. | ||||
| CVE-2023-44289 | 1 Dell | 1 Command\|configure | 2025-06-05 | 7.3 High |
| Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation. | ||||
| CVE-2023-44281 | 1 Dell | 1 Pair | 2025-05-30 | 6.6 Medium |
| Dell Pair Installer version prior to 1.2.1 contains an elevation of privilege vulnerability. A low privilege user with local access to the system could potentially exploit this vulnerability to delete arbitrary files and result in Denial of Service. | ||||
| CVE-2023-39248 | 1 Dell | 1 Networking Os10 | 2025-05-28 | 7.5 High |
| Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network users. This is a high severity vulnerability as it allows an attacker to cause an outage of network. Dell recommends customers to upgrade at the earliest opportunity. | ||||
| CVE-2021-36340 | 1 Dell | 1 Secure Connect Gateway | 2025-05-23 | 7.8 High |
| Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it. | ||||
| CVE-2023-48663 | 1 Dell | 3 Powermax Os, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2025-05-21 | 7.2 High |
| Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. | ||||
| CVE-2022-34394 | 1 Dell | 1 Smartfabric Os10 | 2025-05-20 | 3.7 Low |
| Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information. | ||||
| CVE-2022-34424 | 1 Dell | 1 Smartfabric Os10 | 2025-05-20 | 7.5 High |
| Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans. | ||||
| CVE-2022-34442 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-05-20 | 8 High |
| Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges. | ||||
| CVE-2022-34441 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-05-20 | 8 High |
| Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges. | ||||
| CVE-2022-34440 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-05-20 | 8.4 High |
| Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges. | ||||
| CVE-2022-34462 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-05-20 | 8.4 High |
| Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges. | ||||
| CVE-2023-39252 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-05-20 | 5.9 Medium |
| Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. | ||||
| CVE-2022-29089 | 1 Dell | 1 Smartfabric Os10 | 2025-05-20 | 6.4 Medium |
| Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. | ||||
| CVE-2024-37131 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-05-20 | 7.5 High |
| SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy (CORP) vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated user. | ||||
| CVE-2024-24903 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-05-20 | 8 High |
| Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change. | ||||