Vulnerabilities in Dell

1,416 results
Vexday analysis

With 1,414 CVEs catalogued, Dell shows a substantial volume of vulnerabilities, 64 of them classified as critical and 103 that appeared in the last 90 days alone, which indicates a steady pace of discovery that calls for close monitoring. The active exploitation rate is below the overall catalogue average, with only 2 entries in CISA KEV, suggesting that, despite the volume, conversion into confirmed active threats is relatively contained. The most common weakness is CWE-78 (OS command injection), a category that has historically carried a high risk of arbitrary code execution. The most critical CVE currently under active exploitation, CVE-2021-21551, has an EPSS of 0.5747, indicating a meaningful probability of exploitation, and should be treated as top priority by teams that have not yet applied the corresponding fix.

CVE-2022-34428 | MEDIUM | EPSS 0.5%
Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. An adversary with WMS group

CVE-2024-49595 | HIGH | EPSS 0.5%
Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged

CVE-2024-45766 | HIGH | EPSS 0.5%
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerabil

CVE-2021-21575 | MEDIUM | EPSS 0.5%
Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.

CVE-2026-23779 | MEDIUM | EPSS 0.5%
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release ver

CVE-2024-22464 | MEDIUM | EPSS 0.5%
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulner

CVE-2025-24377 | HIGH | EPSS 0.5%
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection

CVE-2024-45764 | CRITICAL | EPSS 0.5%
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability. An unauthenticated at

CVE-2022-34366 | MEDIUM | EPSS 0.5%
Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain Whitelist vulnerability. An authenticated

CVE-2025-46422 | HIGH | EPSS 0.5%
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection

CVE-2025-46423 | HIGH | EPSS 0.5%
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection

CVE-2022-34435 | LOW | EPSS 0.5%
Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configura

CVE-2022-46754 | HIGH | EPSS 0.5%
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. An authenticated malicious admin user might access cer

CVE-2022-33930 | MEDIUM | EPSS 0.5%
Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit thi

CVE-2022-29096 | MEDIUM | EPSS 0.5%
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authe

CVE-2025-46644 | MEDIUM | EPSS 0.5%
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release

CVE-2025-24385 | HIGH | EPSS 0.5%
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection

CVE-2022-45100 | HIGH | EPSS 0.5%
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. A remote unauthenticated attacker

CVE-2026-26354 | HIGH | EPSS 0.5%
Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version

CVE-2019-18571 | MEDIUM | EPSS 0.5%
The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a reflected cross-site sc