Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-26 | CVE-2024-49595 | Authentication Bypass by Capture-replay vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. | 4.9 |
| 2024-11-26 | CVE-2024-49596 | Unspecified vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. | 6.5 |
| 2024-11-22 | CVE-2024-38296 | Unspecified vulnerability in Dell Intel Management Engine Firmware Update Utility Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge Gateway 5200, versions prior to 12.0.94.2380, contain an Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution vulnerability. | 4.4 |
| 2024-11-08 | CVE-2024-48011 | Unspecified vulnerability in Dell Data Domain Operating System Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. | 6.5 |
| 2024-10-25 | CVE-2024-47481 | Unspecified vulnerability in Dell Data Lakehouse 1.0.0.0/1.1.0.0 Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. low complexity dell | 6.5 |
| 2024-10-25 | CVE-2024-47483 | SQL Injection vulnerability in Dell Data Lakehouse 1.0.0.0/1.1.0.0 Dell Data Lakehouse, version(s) 1.0.0.0 and 1.1.0.0, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. | 5.5 |
| 2024-10-18 | CVE-2024-47240 | Incorrect Default Permissions vulnerability in Dell Secure Connect Gateway 5.24.00.14 Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. | 6.3 |
| 2024-10-17 | CVE-2024-45767 | Unspecified vulnerability in Dell Openmanage Enterprise 3.5/3.6.1/3.8.4 Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. | 6.5 |
| 2024-10-09 | CVE-2024-39586 | XXE vulnerability in Dell EMC Appsync Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. | 4.3 |
| 2024-09-10 | CVE-2024-39574 | Unspecified vulnerability in Dell Insightiq 5.1.0 Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. | 4.4 |