Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks.
Max Base Score
5.4
Published
2023-10-05
Updated
2023-10-06
EPSS
0.05%
Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these issues to obtain escalated privileges.
Max Base Score
5.5
Published
2023-10-23
Updated
2023-10-28
EPSS
0.05%
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
Max Base Score
5.9
Published
2023-09-21
Updated
2023-09-23
EPSS
0.10%
Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.
Max Base Score
5.3
Published
2023-08-16
Updated
2023-08-22
EPSS
0.05%
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
Max Base Score
5.5
Published
2023-09-08
Updated
2023-09-13
EPSS
0.04%
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data.
Max Base Score
5.8
Published
2023-07-26
Updated
2023-08-03
EPSS
0.05%
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
Max Base Score
5.5
Published
2023-07-20
Updated
2023-07-28
EPSS
0.04%
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems.
Max Base Score
5.5
Published
2023-05-30
Updated
2023-06-06
EPSS
0.04%
Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. A malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
Max Base Score
5.5
Published
2023-07-20
Updated
2023-07-28
EPSS
0.04%
Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.
Max Base Score
5.5
Published
2023-07-20
Updated
2023-07-28
EPSS
0.04%
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.
Max Base Score
5.0
Published
2023-05-30
Updated
2023-07-21
EPSS
0.05%
Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
Max Base Score
5.9
Published
2023-02-17
Updated
2023-02-25
EPSS
0.10%
Wyse Management Suite Repository 3.8 and below contain an information disclosure vulnerability. A unauthenticated attacker could potentially discover the internal structure of the application and its components and use this information for further vulnerability research.
Max Base Score
5.3
Published
2023-02-11
Updated
2023-02-21
EPSS
0.05%
Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. An adversary with WMS group admin access could potentially exploit this vulnerability, leading to temporary denial-of-service.
Max Base Score
5.0
Published
2022-09-30
Updated
2023-07-21
EPSS
0.07%
Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM.
Max Base Score
5.1
Published
2023-01-18
Updated
2023-01-26
EPSS
0.04%
SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information.
Max Base Score
5.5
Published
2023-02-11
Updated
2023-02-21
EPSS
0.04%
Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician.
Max Base Score
5.3
Published
2023-02-11
Updated
2023-02-21
EPSS
0.05%
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information.
Max Base Score
5.5
Published
2023-02-11
Updated
2023-02-21
EPSS
0.04%
SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information.
Max Base Score
5.5
Published
2023-02-11
Updated
2023-02-21
EPSS
0.04%
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service.
Max Base Score
5.5
Published
2022-09-02
Updated
2022-09-08
EPSS
0.04%
Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM.
Max Base Score
5.5
Published
2023-02-10
Updated
2023-07-21
EPSS
0.04%
Dell BSAFE SSL-J when used in debug mode can reveal unnecessary information. An attacker could potentially exploit this vulnerability and have access to private information.
Max Base Score
5.5
Published
2023-02-10
Updated
2023-02-27
EPSS
0.04%
Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
Max Base Score
5.4
Published
2022-08-30
Updated
2022-09-07
EPSS
0.05%
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services.
Max Base Score
5.3
Published
2022-08-22
Updated
2022-08-24
EPSS
0.07%
Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules.
Max Base Score
5.3
Published
2022-08-10
Updated
2022-08-12
EPSS
0.06%
92 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!