Vulnerabilities > Dell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-25 | CVE-2024-52535 | Link Following vulnerability in Dell products Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component. | 8.8 |
| 2024-12-25 | CVE-2024-53291 | Unspecified vulnerability in Dell Nativeedge Orchestrator Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. | 7.5 |
| 2024-12-19 | CVE-2024-51532 | Argument Injection or Modification vulnerability in Dell Powerstoreos Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. | 7.1 |
| 2024-12-18 | CVE-2024-47480 | Link Following vulnerability in Dell Inventory Collector 12.3.0.6 Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. | 7.8 |
| 2024-12-13 | CVE-2024-22461 | OS Command Injection vulnerability in Dell Recoverpoint for Virtual Machines 6.0 Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. | 8.8 |
| 2024-12-11 | CVE-2024-53289 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Dell Thinos 2408 Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. | 7.0 |
| 2024-12-11 | CVE-2024-53290 | Command Injection vulnerability in Dell Thinos 2408 Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. | 8.4 |
| 2024-12-10 | CVE-2024-47977 | Unspecified vulnerability in Dell Avamar Server Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. | 8.8 |
| 2024-12-10 | CVE-2024-52538 | Unspecified vulnerability in Dell Avamar Server Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. | 8.8 |
| 2024-12-09 | CVE-2024-45760 | Missing Authorization vulnerability in Dell Openmanage Server Administrator Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. | 8.8 |