Dell Latest Vulnerabilities

December 25

Authentication Bypass Vulnerability in Dell ECS

CVE-2024-52534

DellEcs5.4MEDIUM

Insecure File Permissions in Dell NativeEdge

CVE-2024-52543

DellNativeedge6.5MEDIUM

Sensitive Information Exposure in Dell NativeEdge

CVE-2024-53291

DellNativeedge7.5HIGH

Execution with Unnecessary Privileges in Dell NativeEdge

CVE-2024-47978

DellNativeedge7.8HIGH

Privilege Escalation Vulnerability in Dell SupportAssist Software

CVE-2024-52535

DellSupportassist For Home...7.1HIGH

December 19

Argument Injection Vulnerability in Dell PowerStore Affects Data Integrity

CVE-2024-51532

DellPowerstore7.1HIGH

December 18

Improper Link Resolution Issue in Dell Inventory Collector Client

CVE-2024-47480

Dell

December 17

Symlink Following Vulnerability in Dell AppSync

CVE-2024-52542

DellAppsync4.4MEDIUM

December 13

CVE-2024-28980

DellRecoverpoint For Virtu...6.5MEDIUM

CVE-2024-47984

DellRecoverpoint For Virtu...4.4MEDIUM

CVE-2024-24902

DellRecoverpoint For Virtu...6.6MEDIUM

CVE-2024-38488

DellRecoverpoint For Virtu...6.5MEDIUM

CVE-2024-48007

DellRecoverpoint For Virtu...5.3MEDIUM

Dell RecoverPoint Virtual Machine Vulnerability Could Lead to Information Disclosure and Unintended Actions

CVE-2024-48008

DellRecoverpoint For Virtu...5.3MEDIUM

Dell RecoverPoint for Virtual Machines Vulnerability - root access risk

CVE-2024-22461

DellRecoverpoint For Virtu...8.8HIGH

December 12

Dell BIOS vulnerability allows arbitrary code execution with high privilege

CVE-2024-47238

DellDell Client Platform BiOS7.5HIGH

December 11

Dell ThinOS Race Condition Vulnerability Could Lead to Elevated Privileges

CVE-2024-53289

Dell

Plain-text Password Storage Vulnerability in Dell VxVerify Could Lead to Credential Theft

CVE-2024-53292

Dell

Dell ThinOS Command Injection Vulnerability Leads to Unauthorized Command Execution

CVE-2024-53290

Dell

Dell Client Platform Firmware Utility vulnerability: High Privilege Escalation Possible

CVE-2024-52537

Dell

December 10

Avamar SQL Injection Vulnerability Could Lead to Command Execution

CVE-2024-47977

DellAvamar7.1HIGH

Dell Avamar SQL Injection Vulnerability

CVE-2024-47484

DellAvamar8.2HIGH

Dell Avamar SQL Injection Vulnerability Affects Server Data Security

CVE-2024-52538

DellAvamar7.6HIGH

Dell PowerFlex Appliance Vulnerable to Improper Link Resolution Before File Access

CVE-2024-37143

DellDell Powerflex Appliance10CRITICAL

Dell PowerFlex Appliance and Rack Versions vulnerable to Information Disclosure

CVE-2024-37144

DellDell Powerflex Appliance8.2HIGH

December 3

Dell NetWorker Vulnerability Could Lead to Information Disclosure

CVE-2024-42422

DellNetworker8.3HIGH

Un authenticated attacker could execute code with local access

CVE-2024-47476

DellNetworker Management C...7.8HIGH

November 26

Dell Wyse Management Suite Vulnerability Could Lead to Denial of Service and File Deletion

CVE-2024-49596

DellWyse Management Suite5.9MEDIUM

Dell Wyse Management Suite Vulnerability Could Lead to Protection Mechanism Bypass

CVE-2024-49597

DellWyse Management Suite7.6HIGH

Dell Wyse Management Suite vulnerability: Authentication Bypass risk

CVE-2024-49595

DellWyse Management Suite7.6HIGH

November 22

Dell Edge Gateway 5200 Vulnerability Could Lead to Information Exposure

CVE-2024-38296

DellEdge Gateway 52006.7MEDIUM

November 12

Dell SmartFabric OS10 Software Vulnerable to External Access to Files or Directories

CVE-2024-48838

DellSmartfabric Os10 Software3.3LOW

Dell SmartFabric OS10 Software Vulnerability - Execution with Unnecessary Privileges

CVE-2024-48837

DellSmartfabric Os10 Software7.8HIGH

Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability

CVE-2024-49557

DellSmartfabric Os10 Software7.8HIGH

Dell SmartFabric OS10 Software Vulnerability: Elevation of Privileges Attack vector

CVE-2024-49558

DellSmartfabric Os10 Software7.8HIGH

Dell SmartFabric OS10 Software Vulnerable to Command Injection Attacks

CVE-2024-49560

DellSmartfabric Os10 Software7.8HIGH

November 8

Dell Enterprise SONiC OS Vulnerable to OS Command Injection

CVE-2024-45763

DellEnterprise Sonic Os7.2HIGH

Authentication Bypass Vulnerability in Dell Enterprise SONiC OS

CVE-2024-45764

DellEnterprise Sonic Os9.8CRITICAL

Dell Enterprise SONiC OS Vulnerability Could Lead to Command Execution

CVE-2024-45765

DellEnterprise Sonic Os7.2HIGH

PowerProtect DD Vulnerability Could Lead to Escalation of Privilege

CVE-2024-48010

DellPowerprotect Dd7.2HIGH

Dell PowerProtect Data Domain Vulnerability: Local Privilege Escalation Risk

CVE-2024-45759

DellPowerprotect Dd7.3HIGH

Dell PowerProtect DD Vulnerability: Exposure of Sensitive Information to Unauthorized Actor

CVE-2024-48011

DellPowerprotect Dd6.5MEDIUM

October 25

Dell Data Lakehouse Vulnerable to SQL Injection

CVE-2024-47483

DellData Lakehouse5.5MEDIUM

Dell Data Lakehouse Vulnerable to Improper Access Control

CVE-2024-47481

DellDell Data Lakehouse6.5MEDIUM

October 18

Unauthorized Access to Transmitted Data via Improper Certificate Validation

CVE-2024-47241

DellSecure Connect Gateway8.1HIGH

Low Privilege Attacker Could Discover Exposed Credentials and Access the System

CVE-2024-48016

DellSecure Connect Gateway8.8HIGH

Incorrect Default Permissions Vulnerability in Dell Secure Connect Gateway (SCG) 5.24

CVE-2024-47240

DellSecure Connect Gateway...6.3MEDIUM

October 17

Dell OpenManage Enterprise SQL Injection Vulnerability Leads to Information Disclosure

CVE-2024-45767

DellDell Openmanage Enterp...6.5MEDIUM

Code Injection Vulnerability Affects Dell OpenManage Enterprise

CVE-2024-45766

DellDell Openmanage Enterp...8.8HIGH

October 9

Dell AppSync Server XML External Entity Injection Vulnerability

CVE-2024-39586

DellAppsync4.3MEDIUM

September 26

Dell SmartFabric OS10 Software: Command Injection Vulnerability Could Lead to Code Execution

CVE-2024-39577

DellSmartfabric Os10 Software8.8HIGH

Dell SmartFabric OS10 Software Vulnerable to Denial of Service Attacks

CVE-2024-37125

DellSmartfabric Os10 Software7.5HIGH

September 10

{"short":"Citrix Workspace App contains vulnerability"}

CVE-2024-42423

DellWyse Proprietary Os (m...7.1HIGH

CVE-2024-39582

DellPowerscale Insightiq4.4MEDIUM

CVE-2024-39574

DellPowerscale Insightiq4.4MEDIUM

PowerScale InsightIQ v5.0-5.1 vulnerable to Improper Access Control

CVE-2024-39580

DellPowerscale Insightiq6.7MEDIUM

Unauthenticated Remote Access Vulnerability in Dell PowerScale InsightIQ Could Allow Exfiltration of Arbitrary Files

CVE-2024-39581

DellPowerscale Insightiq9.8CRITICAL

CVE-2024-39583

DellPowerscale Insightiq9.8CRITICAL

Dell Precision Rack Faces Memory Access Vulnerability

CVE-2024-42425

DellDell Precision Rack BiOS5.5MEDIUM

Dell Precision Rack Vulnerability Could Lead to Information Disclosure

CVE-2024-42424

DellDell Precision Rack BiOS6MEDIUM

Dell ThinOS Command Injection Vulnerability: Unauthorized Elevation of Privileges

CVE-2024-42427

DellWyse Proprietary Os (m...7.6HIGH

September 6

Low Privileged Attacker Could Exploit Hard-coded Password Vulnerability

CVE-2024-39585

DellSmartfabric Os10 Software8.1HIGH

Dell SmartFabric OS10 Software Vulnerable to Command Injection Attacks

CVE-2024-38486

DellSmartfabric Os10 Software8.8HIGH

September 3

Dell PowerProtect Vulnerability: Private Information Exposure Risk

CVE-2024-37136

DellPath To Power4.9MEDIUM

August 31

PowerScale OneFS Vulnerability Could Lead to Root Access

CVE-2024-39579

DellPowerscale Onefs6.7MEDIUM

Dell PowerScale OneFS Vulnerability: Local High Privileged Attacker Could Cause Denial of Service and Information Tampering

CVE-2024-39578

DellPowerscale Onefs6.3MEDIUM

August 29

PowerEdge Platform Vulnerability Could Lead to Information Disclosure

CVE-2024-38304

DellPoweredge Platform6.5MEDIUM

PowerEdge Platform Vulnerability: Information Disclosure at Risk

CVE-2024-38303

DellPoweredge Platform6MEDIUM

August 28

Dell BIOS Vulnerability Allows High-Privilege Attackers to bypass Secure Boot and Execute Arbitrary Code

CVE-2024-39584

DellDell Client Platform BiOS8.2HIGH

Arbitrary Folder Deletion Vulnerability Affects Dell Products

CVE-2023-43078

DellDell Client Platform, ...7.3HIGH

August 22

Low Privilege Attack Could Lead to Code Execution and Elevated Privileges in Dell Power Manager

CVE-2024-39576

DellDell Power Manager (dpm)8.8HIGH

August 21

Local Privilege Escalation Vulnerability in Dell Repository Manager Could Lead toOS Execution

CVE-2023-22576

DellDell Repository Manage...7.8HIGH

Privilege Escalation Vulnerability in Dell SupportAssist Installer Could Lead to Arbitrary Execution

CVE-2024-38305

DellSupportassist For Home...7.3HIGH

August 19

CVE-2024-7922

DellDns-120 Firmware9.8CRITICAL

August 14

Dell BIOS Vulnerability Could Lead to Code Execution

CVE-2024-38483

DellDell Client Platform BiOS6.7MEDIUM

August 6

Exposed Dangerous Method or Function Vulnerability Risking Denial of Service

CVE-2024-28962

DellDell Update (du)7.5HIGH

August 1

Dell InsightIQ Versions 5.0.0 Vulnerable to Broken Cryptographic Algorithm

CVE-2024-28972

DellInsightiq5.9MEDIUM

Arbitrary Code Execution Vulnerability in Dell iDRAC Service Module Could Lead to Denial of Service

CVE-2024-38481

DellIdrac Service Module (...4.4MEDIUM

Dell iDRAC Service Module vulnerable to Out of Bound Write attack

CVE-2024-38490

DellIdrac Service Module (...4.4MEDIUM

Dell iDRAC Service Module vulnerable to Out of Bound Write Attack

CVE-2024-38489

DellIdrac Service Module (...4.4MEDIUM

Dell iDRAC Service Module vulnerable to Out of bound Write Attack

CVE-2024-25948

DellIdrac Service Module (...4.4MEDIUM

Arbitrary Code Execution Vulnerability Affects Dell iDRAC Service Module

CVE-2024-25947

DellIdrac Service Module (...4.4MEDIUM

July 31

Information Disclosure Vulnerability Affects DM5500 Users with High Privileges

CVE-2024-37135

DellData Manager Appliance...4.4MEDIUM

Dell Inventory Collector Vulnerability Allows Arbitrary Code Execution

CVE-2024-37129

DellDell Inventory Collector7.8HIGH

Dell Peripheral Manager Vulnerability Allows Arbitrary Code Execution

CVE-2024-32857

DellDell Peripheral Manager7.8HIGH

Arbitrary Code Execution Vulnerability in Dell Peripheral Manager Preceding 1.7.6

CVE-2024-37127

DellDell Peripheral Manager7.8HIGH

Dell Peripheral Manager Uncontrolled Search Path Vulnerability

CVE-2024-37142

DellDell Peripheral Manager7.8HIGH

Buffer Over-Read Vulnerability in Dell BSAFE Crypto-C Micro Edition and Related Products

CVE-2023-28074

DellDell Bsafe Micro Editi...7.1HIGH

July 24

Out-of-Bounds Read Vulnerability in Dell Edge Gateway BIOS Could Lead to Stack Memory Access

CVE-2023-32471

DellDell Edge Gateway 52006MEDIUM

Dell Edge Gateway BIOS Vulnerability Could Lead to Code Execution or Privilege Escalation

CVE-2023-32466

DellDell Edge Gateway 32005.7MEDIUM

July 18

Dell Data Lakehouse Vulnerable to Missing Encryption of Sensitive Data

CVE-2024-38302

DellDell Data Lakehouse6.8MEDIUM

Dell ECS Privilege Elevation Vulnerability

CVE-2024-30473

DellEcs4.9MEDIUM

July 10

Dell Edge Gateway BIOS Vulnerability Could Lead to Arbitrary Code Execution

CVE-2023-32467

DellPowerswitch Z9664f-on ...8.2HIGH

Dell Edge Gateway BIOS Vulnerability

CVE-2023-32472

DellPowerswitch Z9664f-on ...8.2HIGH

Alienware Command Center Vulnerability Leads to Denial of Service and Information Disclosure

CVE-2024-38301

DellAlienware Command Cent...7.8HIGH

July 2

CVE-2024-37134

DellPowerscale Onefs6.7MEDIUM

CVE-2024-37126

DellPowerscale Onefs6.7MEDIUM

CVE-2024-37133

DellPowerscale Onefs6.7MEDIUM

CVE-2024-37132

DellPowerscale Onefs6.7MEDIUM

CVE-2024-32854

DellPowerscale Onefs6.7MEDIUM