Vulnerabilities > Dell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-32856 | Unspecified vulnerability in Dell products Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. | 6.0 |
| 2024-06-12 | CVE-2024-28964 | Deserialization of Untrusted Data vulnerability in Dell Common Event Enabler 8.9.10.0/8.9.8.2 Dell Common Event Enabler, version 8.9.10.0 and prior, contain an insecure deserialization vulnerability in CAVATools. | 7.8 |
| 2024-06-12 | CVE-2024-25949 | Unspecified vulnerability in Dell Networking Os10 10.5.5.5/10.5.6.0 Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an improper authorization vulnerability. | 8.8 |
| 2024-06-12 | CVE-2024-0160 | Incorrect Authorization vulnerability in Dell products Dell Client Platform contains an incorrect authorization vulnerability. | 6.8 |
| 2024-06-12 | CVE-2024-28970 | Out-of-bounds Write vulnerability in Dell products Dell Client BIOS contains an Out-of-bounds Write vulnerability. | 4.4 |
| 2024-06-07 | CVE-2023-32475 | Missing Support for Integrity Check vulnerability in Dell products Dell BIOS contains a missing support for integrity check vulnerability. | 7.6 |
| 2024-05-01 | CVE-2024-28978 | Improper Access Control vulnerability in Dell Openmanage Enterprise 3.10/4.0 Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. | 6.5 |
| 2024-05-01 | CVE-2024-28979 | Cross-site Scripting vulnerability in Dell Openmanage Enterprise 3.5/3.6.1/3.8.4 Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. | 4.8 |
| 2024-02-14 | CVE-2023-44294 | SQL Injection vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. | 6.5 |
| 2024-02-14 | CVE-2023-25535 | Unspecified vulnerability in Dell Supportassist for Home PCS Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). | 6.5 |