Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2024-12-25 CVE-2024-52535 Link Following vulnerability in Dell products
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component.
network
low complexity
dell CWE-59
8.8
2024-12-25 CVE-2024-53291 Unspecified vulnerability in Dell Nativeedge Orchestrator
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability.
network
low complexity
dell
7.5
2024-12-19 CVE-2024-51532 Argument Injection or Modification vulnerability in Dell Powerstoreos
Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability.
local
low complexity
dell CWE-88
7.1
2024-12-18 CVE-2024-47480 Link Following vulnerability in Dell Inventory Collector 12.3.0.6
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability.
local
low complexity
dell CWE-59
7.8
2024-12-13 CVE-2024-22461 OS Command Injection vulnerability in Dell Recoverpoint for Virtual Machines 6.0
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability.
network
low complexity
dell CWE-78
8.8
2024-12-11 CVE-2024-53289 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Dell Thinos 2408
Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability.
local
high complexity
dell CWE-367
7.0
2024-12-11 CVE-2024-53290 Command Injection vulnerability in Dell Thinos 2408
Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability.
local
low complexity
dell CWE-77
8.4
2024-12-10 CVE-2024-47977 Unspecified vulnerability in Dell Avamar Server
Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability.
network
low complexity
dell
8.8
2024-12-10 CVE-2024-52538 Unspecified vulnerability in Dell Avamar Server
Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability.
network
low complexity
dell
8.8
2024-12-09 CVE-2024-45760 Missing Authorization vulnerability in Dell Openmanage Server Administrator
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability.
network
low complexity
dell CWE-862
8.8