Vulnerabilidades en Dell

1417 resultados
Análisis Vexday

Com 1.414 CVEs catalogadas, a Dell apresenta um volume expressivo de vulnerabilidades, com 64 classificadas como críticas e 103 surgidas apenas nos últimos 90 dias, o que indica um ritmo contínuo de descobertas que exige acompanhamento próximo. A taxa de exploração ativa está abaixo da média geral do catálogo, com apenas 2 entradas no CISA KEV, sugerindo que, apesar do volume, a conversão em ameaças ativas confirmadas é relativamente contida. A falha mais comum é do tipo CWE-78 (injeção de comandos no SO), categoria que historicamente representa risco elevado de execução arbitrária de código. A CVE mais crítica atualmente em exploração ativa, CVE-2021-21551, registra EPSS de 0,5747 — indicando probabilidade relevante de exploração — e deve ser tratada com prioridade máxima por equipes que ainda não aplicaram a respectiva correção.

CVE-2023-25535HIGH Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerabilityEPSS 0.2%CVE-2020-29503MEDIUMDell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentiaEPSS 0.2%CVE-2024-39584HIGHDell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potEPSS 0.2%CVE-2024-0154LOWDell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged aEPSS 0.2%CVE-2024-37127HIGHDell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially eEPSS 0.2%CVE-2024-0155HIGHDell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially EPSS 0.2%CVE-2022-33920HIGHDell GeoDrive, versions prior to 2.2, contains an Unquoted File Path vulnerability. A low privilege attacker could potentially exploit this EPSS 0.2%CVE-2023-39256HIGH Dell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. A local malicious standard user could EPSS 0.2%CVE-2021-36282LOWDell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authEPSS 0.2%CVE-2023-39257HIGH Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could EPSS 0.2%CVE-2024-48837HIGHDell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Execution with Unnecessary Privileges vulneEPSS 0.2%CVE-2024-22450HIGHDell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user EPSS 0.2%CVE-2022-34460HIGH Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit tEPSS 0.2%CVE-2022-22554HIGHDell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials vulnerability. A local attacker with user priEPSS 0.2%CVE-2020-29502HIGHDell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A EPSS 0.2%CVE-2022-31226HIGHDell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this EPSS 0.2%CVE-2020-29500HIGHDell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locaEPSS 0.2%CVE-2024-37142HIGHDell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially eEPSS 0.2%CVE-2024-29174MEDIUMDell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attEPSS 0.2%CVE-2024-30476MEDIUMPowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious aEPSS 0.2%