Vulnerabilidades en Dell
1416 resultadosAnálisis Vexday
Com 1.414 CVEs catalogadas, a Dell apresenta um volume expressivo de vulnerabilidades, com 64 classificadas como críticas e 103 surgidas apenas nos últimos 90 dias, o que indica um ritmo contínuo de descobertas que exige acompanhamento próximo. A taxa de exploração ativa está abaixo da média geral do catálogo, com apenas 2 entradas no CISA KEV, sugerindo que, apesar do volume, a conversão em ameaças ativas confirmadas é relativamente contida. A falha mais comum é do tipo CWE-78 (injeção de comandos no SO), categoria que historicamente representa risco elevado de execução arbitrária de código. A CVE mais crítica atualmente em exploração ativa, CVE-2021-21551, registra EPSS de 0,5747 — indicando probabilidade relevante de exploração — e deve ser tratada com prioridade máxima por equipes que ainda não aplicaram a respectiva correção.
CVE-2024-28968MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collectioEPSS 0.3%CVE-2022-34394LOWDell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker EPSS 0.3%CVE-2024-28965MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API EPSS 0.3%CVE-2020-5326MEDIUMAffected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage ReEPSS 0.3%CVE-2021-21557HIGHDell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user wEPSS 0.3%CVE-2022-31231MEDIUMDell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticaEPSS 0.3%CVE-2025-43889MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release VerEPSS 0.3%CVE-2019-18579HIGHSettings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for thEPSS 0.3%CVE-2024-45761MEDIUMDell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper input validation vulnerability. A remote low-privileEPSS 0.3%CVE-2023-32491MEDIUM
Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user EPSS 0.3%CVE-2021-21518HIGHDell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2EPSS 0.3%CVE-2022-34451MEDIUM
PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated EPSS 0.3%CVE-2024-48014HIGHDell BSAFE Micro Edition Suite, versions prior to 5.0.2.3 contain an Out-of-bounds Write vulnerability. An unauthenticated attacker with remEPSS 0.3%CVE-2019-18575HIGHDell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user couEPSS 0.3%CVE-2025-29981HIGHDell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An EPSS 0.3%CVE-2025-43727HIGHDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 releasEPSS 0.3%CVE-2023-28043MEDIUM
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user cEPSS 0.3%CVE-2021-21588MEDIUMDell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the Presentation Server/WebUI. An unauthenticated attacEPSS 0.3%CVE-2025-36577MEDIUMDell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site SEPSS 0.3%CVE-2023-28055HIGH
Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the saEPSS 0.3%