| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2023-28076 |
327 |
|
|
2023-05-16 |
2023-05-25 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure.
|
|
2 |
CVE-2023-28070 |
284 |
|
|
2023-05-03 |
2023-05-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation.
|
|
3 |
CVE-2023-28069 |
601 |
|
|
2023-04-05 |
2023-04-11 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. An attacker with privileges same as a legitimate user can phish the legitimate the user to redirect to malicious website leading to information disclosure and launch of phishing attacks. |
|
4 |
CVE-2023-28068 |
732 |
|
|
2023-05-05 |
2023-05-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path
|
|
5 |
CVE-2023-28062 |
|
|
Bypass |
2023-04-11 |
2023-04-18 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.
|
|
6 |
CVE-2023-28051 |
|
|
|
2023-04-07 |
2023-04-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit this vulnerability to elevate privileges on the system. |
|
7 |
CVE-2023-28047 |
272 |
|
Exec Code |
2023-04-20 |
2023-04-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges.
|
|
8 |
CVE-2023-28046 |
272 |
|
|
2023-04-06 |
2023-04-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges. |
|
9 |
CVE-2023-28045 |
311 |
|
+Priv |
2023-05-19 |
2023-05-26 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data. |
|
10 |
CVE-2023-25942 |
664 |
|
DoS |
2023-04-04 |
2023-04-11 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service. |
|
11 |
CVE-2023-25941 |
276 |
|
DoS |
2023-04-04 |
2023-04-11 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to Denial of service, escalation of privileges, and information disclosure. This vulnerability breaks the compliance mode guarantee. |
|
12 |
CVE-2023-25940 |
59 |
|
|
2023-04-04 |
2023-04-11 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees. |
|
13 |
CVE-2023-25934 |
347 |
|
|
2023-05-04 |
2023-05-31 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.
|
|
14 |
CVE-2023-25544 |
668 |
|
|
2023-03-01 |
2023-03-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. |
|
15 |
CVE-2023-25542 |
276 |
|
|
2023-04-06 |
2023-04-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Trusted Device Agent, versions prior to 5.3.0, contain(s) an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges. |
|
16 |
CVE-2023-25540 |
276 |
|
DoS |
2023-02-28 |
2023-03-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service. |
|
17 |
CVE-2023-25536 |
668 |
|
|
2023-03-02 |
2023-03-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover. |
|
18 |
CVE-2023-24576 |
94 |
|
Exec Code |
2023-02-03 |
2023-02-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used. |
|
19 |
CVE-2023-24575 |
|
|
|
2023-02-21 |
2023-03-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system |
|
20 |
CVE-2023-24574 |
400 |
|
|
2023-02-02 |
2023-02-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users. |
|
21 |
CVE-2023-24573 |
|
|
|
2023-02-10 |
2023-02-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. |
|
22 |
CVE-2023-24572 |
59 |
|
|
2023-02-13 |
2023-02-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. |
|
23 |
CVE-2023-24569 |
20 |
|
|
2023-02-10 |
2023-02-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. |
|
24 |
CVE-2023-24567 |
668 |
|
|
2023-03-01 |
2023-03-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. |
|
25 |
CVE-2023-23698 |
|
|
|
2023-02-10 |
2023-02-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete. |
|
26 |
CVE-2023-23697 |
59 |
|
|
2023-02-13 |
2023-02-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. |
|
27 |
CVE-2023-23696 |
863 |
|
|
2023-02-07 |
2023-02-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system. |
|
28 |
CVE-2023-23695 |
327 |
|
+Info |
2023-02-17 |
2023-02-25 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. |
|
29 |
CVE-2023-23694 |
78 |
|
Exec Code |
2023-05-23 |
2023-06-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
|
|
30 |
CVE-2023-23693 |
78 |
|
Exec Code |
2023-05-23 |
2023-06-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
|
|
31 |
CVE-2023-23692 |
78 |
|
Exec Code |
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. |
|
32 |
CVE-2023-23690 |
295 |
|
|
2023-01-19 |
2023-01-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attacker could perform a man-in-the-middle attack and eavesdrop on encrypted communications from Cloud Mobility to Cloud Storage devices. Exploitation could lead to the compromise of secret and sensitive information, cloud storage connection downtime, and the integrity of the connection to the Cloud devices. |
|
33 |
CVE-2023-22575 |
532 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges. |
|
34 |
CVE-2023-22574 |
532 |
|
DoS |
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service. |
|
35 |
CVE-2023-22573 |
532 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure. |
|
36 |
CVE-2023-22572 |
532 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover. |
|
37 |
CVE-2022-46756 |
668 |
|
Exec Code |
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker. |
|
38 |
CVE-2022-46755 |
|
|
|
2023-02-11 |
2023-02-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. |
|
39 |
CVE-2022-46754 |
|
|
|
2023-02-11 |
2023-02-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. |
|
40 |
CVE-2022-46679 |
|
|
DoS |
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. |
|
41 |
CVE-2022-46678 |
|
|
|
2023-02-11 |
2023-02-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. |
|
42 |
CVE-2022-46677 |
|
|
|
2023-02-11 |
2023-02-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized. |
|
43 |
CVE-2022-46676 |
|
|
|
2023-02-11 |
2023-02-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized. |
|
44 |
CVE-2022-46675 |
209 |
|
|
2023-02-11 |
2023-02-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A unauthenticated attacker could potentially discover the internal structure of the application and its components and use this information for further vulnerability research. |
|
45 |
CVE-2022-45104 |
78 |
|
Exec Code |
2023-02-11 |
2023-02-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system. |
|
46 |
CVE-2022-45103 |
200 |
|
+Info |
2023-01-18 |
2023-01-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system. |
|
47 |
CVE-2022-45102 |
116 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections. |
|
48 |
CVE-2022-45101 |
269 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and remote execution. |
|
49 |
CVE-2022-45100 |
295 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to a full compromise of the system. |
|
50 |
CVE-2022-45099 |
276 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. A malicious and privileged local attacker could potentially exploit this vulnerability, leading to a full system compromise |
