Vulnerabilities in Dell
1,416 resultsVexday analysis
Com 1.414 CVEs catalogadas, a Dell apresenta um volume expressivo de vulnerabilidades, com 64 classificadas como críticas e 103 surgidas apenas nos últimos 90 dias, o que indica um ritmo contínuo de descobertas que exige acompanhamento próximo. A taxa de exploração ativa está abaixo da média geral do catálogo, com apenas 2 entradas no CISA KEV, sugerindo que, apesar do volume, a conversão em ameaças ativas confirmadas é relativamente contida. A falha mais comum é do tipo CWE-78 (injeção de comandos no SO), categoria que historicamente representa risco elevado de execução arbitrária de código. A CVE mais crítica atualmente em exploração ativa, CVE-2021-21551, registra EPSS de 0,5747 — indicando probabilidade relevante de exploração — e deve ser tratada com prioridade máxima por equipes que ainda não aplicaram a respectiva correção.
CVE-2022-22552MEDIUMDell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exEPSS 0.7%CVE-2022-33932MEDIUMDell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vEPSS 0.7%CVE-2021-36281HIGHDell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated usEPSS 0.7%CVE-2025-45379HIGHDell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from coEPSS 0.7%CVE-2022-23158MEDIUMWyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard priviEPSS 0.7%CVE-2023-4401HIGH
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. AEPSS 0.7%CVE-2024-25970MEDIUMDell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an improper input validation vulnerability. A low privileged remote attacker cEPSS 0.7%CVE-2023-28078CRITICAL
Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticatEPSS 0.7%CVE-2021-36329MEDIUMDell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentiEPSS 0.7%CVE-2019-18588CRITICALDell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMaxEPSS 0.7%CVE-2019-3718HIGHDell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attackerEPSS 0.7%CVE-2020-35164MEDIUMDell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable TimEPSS 0.7%CVE-2024-25964MEDIUMDell PowerScale OneFS 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability. A remote unauthenticated attacker could potentiEPSS 0.7%CVE-2019-3770MEDIUMDell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. A remoteEPSS 0.7%CVE-2019-3769MEDIUMDell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious useEPSS 0.7%CVE-2020-5339MEDIUMRSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A maliciouEPSS 0.7%CVE-2020-5340MEDIUMRSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A maliciouEPSS 0.7%CVE-2023-22574HIGH
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI mEPSS 0.7%CVE-2024-25943HIGHiDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulneraEPSS 0.7%CVE-2025-22473HIGHDell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special ElementsEPSS 0.7%