Dell Latest Vulnerabilities

November 12

Dell SmartFabric OS10 Software Vulnerable to External Access to Files or Directories

CVE-2024-48838

DellSmartfabric Os10 Software3.3LOW

Dell SmartFabric OS10 Software Vulnerability - Execution with Unnecessary Privileges

CVE-2024-48837

DellSmartfabric Os10 Software7.8HIGH

Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability

CVE-2024-49557

DellSmartfabric Os10 Software7.8HIGH

Dell SmartFabric OS10 Software Vulnerability: Elevation of Privileges Attack vector

CVE-2024-49558

DellSmartfabric Os10 Software7.8HIGH

Dell SmartFabric OS10 Software Vulnerable to Command Injection Attacks

CVE-2024-49560

DellSmartfabric Os10 Software7.8HIGH

November 8

Dell Enterprise SONiC OS Vulnerable to OS Command Injection

CVE-2024-45763

DellEnterprise Sonic Os7.2HIGH

Dell Enterprise SONiC OS vulnerability - Critical Authentication bypass

CVE-2024-45764

DellEnterprise Sonic Os9.8CRITICAL

Dell Enterprise SONiC OS Vulnerability Could Lead to Command Execution

CVE-2024-45765

DellEnterprise Sonic Os7.2HIGH

PowerProtect DD Vulnerability Could Lead to Escalation of Privilege

CVE-2024-48010

DellPowerprotect Dd6.5MEDIUM

Dell PowerProtect Data Domain Vulnerability: Local Privilege Escalation Risk

CVE-2024-45759

DellPowerprotect Dd6.8MEDIUM

Dell PowerProtect DD Vulnerability: Exposure of Sensitive Information to Unauthorized Actor

CVE-2024-48011

DellPowerprotect Dd3.1LOW

October 25

Dell Data Lakehouse Vulnerable to SQL Injection

CVE-2024-47483

DellData Lakehouse5.5MEDIUM

Dell Data Lakehouse Vulnerable to Improper Access Control

CVE-2024-47481

DellDell Data Lakehouse6.5MEDIUM

October 18

Unauthorized Access to Transmitted Data via Improper Certificate Validation

CVE-2024-47241

Dell

Low Privilege Attacker Could Discover Exposed Credentials and Access the System

CVE-2024-48016

Dell

Incorrect Default Permissions Vulnerability in Dell Secure Connect Gateway (SCG) 5.24

CVE-2024-47240

DellSecure Connect Gateway...6.3MEDIUM

October 17

Dell OpenManage Enterprise SQL Injection Vulnerability Leads to Information Disclosure

CVE-2024-45767

DellDell Openmanage Enterp...4.3MEDIUM

Code Injection Vulnerability Affects Dell OpenManage Enterprise

CVE-2024-45766

DellDell Openmanage Enterp...8HIGH

October 9

Dell AppSync Server XML External Entity Injection Vulnerability

CVE-2024-39586

DellAppsync4.3MEDIUM

September 26

Dell SmartFabric OS10 Software: Command Injection Vulnerability Could Lead to Code Execution

CVE-2024-39577

DellSmartfabric Os10 Software7.1HIGH

Dell SmartFabric OS10 Software Vulnerable to Denial of Service Attacks

CVE-2024-37125

DellSmartfabric Os10 Software7.5HIGH

September 10

{"short":"Citrix Workspace App contains vulnerability"}

CVE-2024-42423

DellWyse Proprietary Os (m...7.1HIGH

CVE-2024-39582

DellPowerscale Insightiq4.4MEDIUM

CVE-2024-39574

DellPowerscale Insightiq4.4MEDIUM

PowerScale InsightIQ v5.0-5.1 vulnerable to Improper Access Control

CVE-2024-39580

DellPowerscale Insightiq6.7MEDIUM

Unauthenticated Remote Access Vulnerability in Dell PowerScale InsightIQ Could Allow Exfiltration of Arbitrary Files

CVE-2024-39581

DellPowerscale Insightiq9.8CRITICAL

CVE-2024-39583

DellPowerscale Insightiq9.8CRITICAL

Dell Precision Rack Faces Memory Access Vulnerability

CVE-2024-42425

DellDell Precision Rack BiOS5.5MEDIUM

Dell Precision Rack Vulnerability Could Lead to Information Disclosure

CVE-2024-42424

DellDell Precision Rack BiOS5.3MEDIUM

Dell ThinOS Command Injection Vulnerability: Unauthorized Elevation of Privileges

CVE-2024-42427

DellWyse Proprietary Os (m...7.6HIGH

September 6

Low Privileged Attacker Could Exploit Hard-coded Password Vulnerability

CVE-2024-39585

DellSmartfabric Os10 Software8.1HIGH

Dell SmartFabric OS10 Software Vulnerable to Command Injection Attacks

CVE-2024-38486

DellSmartfabric Os10 Software8.8HIGH

September 3

Dell PowerProtect Vulnerability: Private Information Exposure Risk

CVE-2024-37136

DellPath To Power4.9MEDIUM

August 31

PowerScale OneFS Vulnerability Could Lead to Root Access

CVE-2024-39579

DellPowerscale Onefs6.7MEDIUM

Dell PowerScale OneFS Vulnerability: Local High Privileged Attacker Could Cause Denial of Service and Information Tampering

CVE-2024-39578

DellPowerscale Onefs6.3MEDIUM

August 29

PowerEdge Platform Vulnerability Could Lead to Information Disclosure

CVE-2024-38304

DellPoweredge Platform3.8LOW

PowerEdge Platform Vulnerability: Information Disclosure at Risk

CVE-2024-38303

DellPoweredge Platform5.3MEDIUM

August 28

Dell BIOS Vulnerability Allows High-Privilege Attackers to bypass Secure Boot and Execute Arbitrary Code

CVE-2024-39584

DellDell Client Platform BiOS8.2HIGH

Arbitrary Folder Deletion Vulnerability Affects Dell Products

CVE-2023-43078

DellDell Client Platform, ...6.7MEDIUM

August 22

Low Privilege Attack Could Lead to Code Execution and Elevated Privileges in Dell Power Manager

CVE-2024-39576

DellDell Power Manager (dpm)8.8HIGH

August 21

Local Privilege Escalation Vulnerability in Dell Repository Manager Could Lead toOS Execution

CVE-2023-22576

DellDell Repository Manage...7.8HIGH

Privilege Escalation Vulnerability in Dell SupportAssist Installer Could Lead to Arbitrary Execution

CVE-2024-38305

DellSupportassist For Home...7.3HIGH

August 19

CVE-2024-7922

DellDns-120 Firmware9.8CRITICAL

August 14

Dell BIOS Vulnerability Could Lead to Code Execution

CVE-2024-38483

DellDell Client Platform BiOS6.7MEDIUM

August 6

Exposed Dangerous Method or Function Vulnerability Risking Denial of Service

CVE-2024-28962

DellDell Update (du)7.5HIGH

August 1

Dell InsightIQ Versions 5.0.0 Vulnerable to Broken Cryptographic Algorithm

CVE-2024-28972

DellInsightiq5.9MEDIUM

Arbitrary Code Execution Vulnerability in Dell iDRAC Service Module Could Lead to Denial of Service

CVE-2024-38481

DellIdrac Service Module (...4.4MEDIUM

Dell iDRAC Service Module vulnerable to Out of Bound Write attack

CVE-2024-38490

DellIdrac Service Module (...4.4MEDIUM

Dell iDRAC Service Module vulnerable to Out of Bound Write Attack

CVE-2024-38489

DellIdrac Service Module (...4.4MEDIUM

Dell iDRAC Service Module vulnerable to Out of bound Write Attack

CVE-2024-25948

DellIdrac Service Module (...4.4MEDIUM

Arbitrary Code Execution Vulnerability Affects Dell iDRAC Service Module

CVE-2024-25947

DellIdrac Service Module (...4.4MEDIUM

July 31

Information Disclosure Vulnerability Affects DM5500 Users with High Privileges

CVE-2024-37135

DellData Manager Appliance...3.3LOW

Dell Inventory Collector Vulnerability Allows Arbitrary Code Execution

CVE-2024-37129

DellDell Inventory Collector7.8HIGH

Dell Peripheral Manager Vulnerability Allows Arbitrary Code Execution

CVE-2024-32857

DellDell Peripheral Manager7.8HIGH

Arbitrary Code Execution Vulnerability in Dell Peripheral Manager Preceding 1.7.6

CVE-2024-37127

DellDell Peripheral Manager7.8HIGH

Dell Peripheral Manager Uncontrolled Search Path Vulnerability

CVE-2024-37142

DellDell Peripheral Manager7.8HIGH

Buffer Over-Read Vulnerability in Dell BSAFE Crypto-C Micro Edition and Related Products

CVE-2023-28074

DellDell Bsafe Micro Editi...7.1HIGH

July 24

Out-of-Bounds Read Vulnerability in Dell Edge Gateway BIOS Could Lead to Stack Memory Access

CVE-2023-32471

DellDell Edge Gateway 52006MEDIUM

Dell Edge Gateway BIOS Vulnerability Could Lead to Code Execution or Privilege Escalation

CVE-2023-32466

DellDell Edge Gateway 32005.7MEDIUM

July 18

Dell Data Lakehouse Vulnerable to Missing Encryption of Sensitive Data

CVE-2024-38302

DellDell Data Lakehouse6.8MEDIUM

Dell ECS Privilege Elevation Vulnerability

CVE-2024-30473

DellEcs4.9MEDIUM

July 10

Dell Edge Gateway BIOS Vulnerability Could Lead to Arbitrary Code Execution

CVE-2023-32467

DellPowerswitch Z9664f-on ...8.2HIGH

Dell Edge Gateway BIOS Vulnerability

CVE-2023-32472

DellPowerswitch Z9664f-on ...8.2HIGH

Alienware Command Center Vulnerability Leads to Denial of Service and Information Disclosure

CVE-2024-38301

DellAlienware Command Cent...7.8HIGH

July 2

CVE-2024-37132

DellPowerscale Onefs6.7MEDIUM

CVE-2024-37126

DellPowerscale Onefs6.7MEDIUM

CVE-2024-37133

DellPowerscale Onefs6.7MEDIUM

CVE-2024-37134

DellPowerscale Onefs6.7MEDIUM

CVE-2024-32853

DellPowerscale Onefs7.8HIGH

CVE-2024-32854

DellPowerscale Onefs6.7MEDIUM

CVE-2024-32852

DellPowerscale Onefs7.5HIGH

Dell BIOS Vulnerability Could Lead to Denial of Service and Escalation of Privileges

CVE-2024-0158

DellCpg BiOS6.7MEDIUM

June 29

Dell iDRAC9 Session Hijacking Vulnerability Affects Multiple Generations

CVE-2024-25943

DellIntegrated Dell Remote...7.6HIGH

June 28

Dell Key Trust Platform vulnerable to Privileged Information Disclosure

CVE-2024-37137

DellClouD-Link3.8LOW

June 26

Dell PowerProtect DD Vulnerability Could Lead to Information Disclosure

CVE-2024-37141

DellPowerprotect Dd3.5LOW

Dell PowerProtect DD Vulnerability Could Lead to System Takeover

CVE-2024-37140

DellPowerprotect Dd8.8HIGH

Dell PowerProtect DD Vulnerability Could Lead to Denial of Service

CVE-2024-37139

DellPowerprotect Dd6.5MEDIUM

Dell PowerProtect DD Vulnerability Could Lead to Unauthorized File Access

CVE-2024-37138

DellPowerprotect Dd6.8MEDIUM

Dell PowerProtect Data Domain Vulnerability Could Lead to Man-in-the-Middle Attacks

CVE-2024-29175

DellPowerprotect Dd5.9MEDIUM

Dell Data Domain SQL Injection Vulnerability Affects Data Security

CVE-2024-29174

DellPowerprotect Dd4.4MEDIUM

Dell PowerProtect DD Vulnerable to Server-Side Request Forgery (SSRF) Attacks

CVE-2024-29173

DellPowerprotect Dd6.8MEDIUM

Temporary Sensitive Information Vulnerability Affects Dell PowerProtect DD Versions

CVE-2024-29177

DellPowerprotect Dd2.7LOW

Buffer Overflow Vulnerability Affects Dell PowerProtect DD Versions

CVE-2024-29176

DellPowerprotect Dd8.8HIGH

Dell PowerProtect DD Vulnerable to Stored Cross-Site Scripting Attacks

CVE-2024-28973

DellPowerprotect Dd5.9MEDIUM

June 25

Dell PowerEdge Server BIOS Vulnerability Could Allow Local Attackers to Gain Unauthorized Access

CVE-2024-0171

DellPoweredge Platform5.3MEDIUM

Dell BIOS Vulnerability Could Lead to Information Tampering

CVE-2024-32855

DellCpg BiOS3.8LOW

June 13

Dell SCG Vulnerable to SQL Injection Attacks

CVE-2024-29169

DellSecure Connect Gateway...5.4MEDIUM

Dell SCG Vulnerable to SQL Injection Attacks

CVE-2024-29168

DellSecure Connect Gateway...8.8HIGH

Dell SCG Vulnerability Could Allow Unauthorized Access to Restricted Resources

CVE-2024-28969

DellSecure Connect Gateway...4.3MEDIUM

Dell SCG Vulnerable to Improper Access Control

CVE-2024-28968

DellSecure Connect Gateway...5.4MEDIUM

Dell SCG Vulnerability Could Lead to Unauthorized Access to Restricted Resources

CVE-2024-28967

DellSecure Connect Gateway...5.4MEDIUM

Dell SCG Vulnerable to Improper Access Control

CVE-2024-28966

DellSecure Connect Gateway...5.4MEDIUM

Dell SCG Vulnerable to Improper Access Control

CVE-2024-28965

DellSecure Connect Gateway...5.4MEDIUM

CORP Vulnerability in SCG Policy Manager Allows Remote Execution of Malicious Actions

CVE-2024-37131

DellSecure Connect Gateway...7.5HIGH

Dell BIOS Vulnerability Could Lead to Code Execution

CVE-2024-32860

DellCpg BiOS8.2HIGH

Dell BIOS Vulnerability Could Lead to Code Execution

CVE-2024-32858

DellCpg BiOS8.2HIGH

Dell BIOS Vulnerability Could Lead to Code Execution

CVE-2024-32859

DellCpg BiOS8.2HIGH

Dell BIOS Vulnerability Could Lead to Information Disclosure

CVE-2024-32856

DellCpg BiOS6MEDIUM

Sensitive Information Disclosure Vulnerability in Dell Telemetry Dashboard

CVE-2024-30472

DellWyse 5070 Thin Client5.5MEDIUM

June 12

CVE-2024-28964

DellCommon Event Enabler7.8HIGH