Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2024-22449 Missing Authentication for Critical Function vulnerability in Dell Powerscale Onefs
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability.
local
low complexity
dell CWE-306
7.8
2024-01-24 CVE-2023-44281 Unspecified vulnerability in Dell Pair
Dell Pair Installer version prior to 1.2.1 contains an elevation of privilege vulnerability.
local
low complexity
dell
7.1
2024-01-16 CVE-2024-22428 Incorrect Default Permissions vulnerability in Dell EMC Idrac Service Module
Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system.
local
low complexity
dell CWE-276
7.8
2023-12-22 CVE-2023-48670 Untrusted Search Path vulnerability in Dell Supportassist for Home PCS 3.14.2.45116
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer.
local
low complexity
dell CWE-426
7.8
2023-12-14 CVE-2023-48671 Unspecified vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability.
network
low complexity
dell
7.5
2023-12-14 CVE-2023-44285 Unspecified vulnerability in Dell products
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an improper access control vulnerability.
local
low complexity
dell
7.8
2023-12-14 CVE-2023-48660 Path Traversal vulnerability in Dell products
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability.
network
low complexity
dell CWE-22
7.5
2023-12-14 CVE-2023-48662 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
2023-12-14 CVE-2023-48663 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
2023-12-14 CVE-2023-48664 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2