Vulnerabilities > Dell > Critical

DATE CVE VULNERABILITY TITLE RISK
2025-03-21 CVE-2025-26336 Stack-based Buffer Overflow vulnerability in Dell products
Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability.
network
low complexity
dell CWE-121
critical
 9.8
9.8
2024-12-13 CVE-2024-28980 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Recoverpoint for Virtual Machines 6.0
Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH.
network
low complexity
dell CWE-327
critical
 9.8
9.8
2024-12-13 CVE-2024-38488 Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Recoverpoint for Virtual Machines 6.0
Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability.
network
low complexity
dell CWE-307
critical
 9.8
9.8
2024-12-13 CVE-2024-48007 Use of Hard-coded Credentials vulnerability in Dell Recoverpoint for Virtual Machines 6.0
Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability.
network
low complexity
dell CWE-798
critical
 9.8
9.8
2024-12-10 CVE-2024-47484 Unspecified vulnerability in Dell Avamar Server
Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability.
network
low complexity
dell
critical
 9.8
9.8
2024-11-08 CVE-2024-45764 Unspecified vulnerability in Dell Enterprise Sonic Distribution
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability.
network
low complexity
dell
critical
 9.8
9.8
2024-09-10 CVE-2024-39581 Files or Directories Accessible to External Parties vulnerability in Dell Insightiq 5.0.1/5.1.0
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability.
network
low complexity
dell CWE-552
critical
 9.8
9.8
2024-09-10 CVE-2024-39583 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Insightiq 5.0.1/5.1.0
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability.
network
low complexity
dell CWE-327
critical
 9.8
9.8
2024-08-19 CVE-2024-7922 Command Injection vulnerability in Dell products
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical.
network
low complexity
dell CWE-77
critical
 9.8
9.8
2024-06-29 CVE-2024-25943 Unspecified vulnerability in Dell Idrac9
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI.
network
low complexity
dell
critical
 9.8
9.8