Vulnerabilities > Dell > Medium

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2025-05-08 | CVE-2025-30101 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Dell Powerscale Onefs | Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. | local | high | dell | CWE-367 | 6.3 |
| 2025-05-08 | CVE-2025-30102 | Out-of-bounds Write vulnerability in Dell Powerscale Onefs | Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. | local | low | dell | CWE-787 | 5.5 |
| 2025-05-06 | CVE-2025-22479 | Path Traversal vulnerability in Dell Storage Manager 16.3.20/2016/2020 | Dell Storage Center - Dell Storage Manager, version(s) 20.0.21, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. | | low | dell | CWE-22 | 4.3 |
| 2025-05-06 | CVE-2025-23379 | Cross-site Scripting vulnerability in Dell Storage Manager 16.3.20/2016/2020 | Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. | | low | dell | CWE-79 | 5.2 |
| 2025-04-28 | CVE-2025-23376 | Unspecified vulnerability in Dell Powerprotect Data Manager 19.16/19.17/19.18 | Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper Neutralization of Special Elements Used in a Template Engine vulnerability. | local | low | dell | | 4.4 |
| 2025-03-19 | CVE-2025-23382 | Exposure of System Data to an Unauthorized Control Sphere vulnerability in Dell Secure Connect Gateway 5.26.00.20 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. | network | high | dell | CWE-497 | 5.8 |
| 2025-03-19 | CVE-2025-26475 | Improper Authentication vulnerability in Dell Secure Connect Gateway 5.26.00.20 | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack exposure, preventing accidental misconfigurations, and ensuring security controls remain active. | network | high | dell | CWE-287 | 5.5 |
| 2025-02-07 | CVE-2025-22402 | Unspecified vulnerability in Dell Update Manager Plugin | Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability. | network | low | dell | | 5.4 |
| 2025-02-05 | CVE-2025-21117 | Operation on a Resource after Expiration or Release vulnerability in Dell Avamar Server | Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. | local | low | dell | CWE-672 | 5.5 |
| 2025-02-01 | CVE-2024-53296 | Out-of-bounds Write vulnerability in Dell Data Domain Operating System | Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. | network | low | dell | CWE-787 | 4.9 |