Search Results (1618 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-35162 1 Dell 1 Powerflex 2026-06-26 4.3 Medium
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
CVE-2026-35067 1 Dell 1 Powerflex 2026-06-26 5.7 Medium
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access.
CVE-2026-35066 1 Dell 1 Powerflex 2026-06-26 7.1 High
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
CVE-2026-35068 1 Dell 1 Powerflex 2026-06-26 3.5 Low
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure.
CVE-2026-35069 1 Dell 1 Powerflex 2026-06-26 5.7 Medium
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection.
CVE-2026-32652 1 Dell 1 Aiops 2026-06-26 7.8 High
Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version.
CVE-2026-46733 1 Dell 1 Display And Peripheral Manager 2026-06-25 7.8 High
Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVE-2026-41120 1 Dell 1 Wyse Management Suite 2026-06-25 9.8 Critical
Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution.
CVE-2026-46732 1 Dell 1 Display And Peripheral Manager 2026-06-25 6.7 Medium
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-46734 1 Dell 1 Display And Peripheral Manager 2026-06-25 7.3 High
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass.
CVE-2026-46735 1 Dell 1 Display And Peripheral Manager 2026-06-25 7.8 High
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVE-2025-32748 1 Dell 1 Powerflex Rack 2026-06-25 4.3 Medium
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Host Header Injection vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to trigger redirections.
CVE-2026-44274 1 Dell 1 Wyse Management Suite 2026-06-24 7.8 High
Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2026-44273 1 Dell 1 Wyse Management Suite 2026-06-24 6 Medium
Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure.
CVE-2026-44272 1 Dell 1 Wyse Management Suite 2026-06-24 8.8 High
Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2026-44271 1 Dell 1 Wyse Management Suite 2026-06-24 8.1 High
Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2024-39575 1 Dell 1 Dell Emc Vxrail Appliance 2026-06-23 7.4 High
update_disk_psu_baseline.sh requires password in plain text
CVE-2026-46461 1 Dell 1 Server Hardware Manager 2026-06-22 7.8 High
Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-47477 1 Dell 1 Powerflex Manager 2026-06-18 6.5 Medium
Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leading to man-in-the-middle attack in tandem with DNS cache poisoning.
CVE-2026-26943 1 Dell 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance 2026-06-18 7.2 High
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.