cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-37143,https://securityvulnerability.io/vulnerability/CVE-2024-37143,Dell PowerFlex Appliance Vulnerable to Improper Link Resolution Before File Access,"The identified vulnerability involves improper link resolution prior to file access in various Dell products, including Dell PowerFlex, InsightIQ, and Data Lakehouse. This flaw allows an unauthenticated attacker with remote access to potentially exploit the system, enabling them to execute arbitrary code. Affected versions of the products include several iterations of the PowerFlex appliance and rack, PowerFlex Manager, InsightIQ and Data Lakehouse, highlighting the significance of timely updates to mitigate potential risks associated with this vulnerability.",Dell,"Dell Powerflex Appliance,Dell Powerflex Rack,Dell Powerflex Custom Node,Dell Insightiq,Dell Data Lakehouse",10,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-10T02:25:33.225Z,0
CVE-2024-37144,https://securityvulnerability.io/vulnerability/CVE-2024-37144,Dell PowerFlex Appliance and Rack Versions vulnerable to Information Disclosure,"The vulnerability in Dell PowerFlex appliances, including certain rack versions and related software products, arises from insecure storage of sensitive information. A privileged attacker with local access could exploit this weakness, potentially leading to unauthorized information disclosure. This exposure might enable the attacker to gain access to critical components within the cluster, which raises serious security concerns. Organizations utilizing affected versions are advised to upgrade to the latest releases to mitigate risks associated with this vulnerability.",Dell,"Dell Powerflex Appliance,Dell Powerflex Rack,Dell Powerflex Custom Node,Dell Insightiq,Dell Data Lakehouse",8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-10T02:11:13.298Z,0
CVE-2024-47481,https://securityvulnerability.io/vulnerability/CVE-2024-47481,Dell Data Lakehouse Vulnerable to Improper Access Control,"Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Denial of service.",Dell,Dell Data Lakehouse,6.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-10-25T10:54:01.210Z,0
CVE-2024-38302,https://securityvulnerability.io/vulnerability/CVE-2024-38302,Dell Data Lakehouse Vulnerable to Missing Encryption of Sensitive Data,"Dell Data Lakehouse versions 1.0.0.0 have a vulnerability related to missing encryption of sensitive data in the DDAE (Starburst) component. An attacker with low privileges and adjacent network access could exploit this flaw, potentially leading to unauthorized disclosure of sensitive information. Organizations using affected versions should apply the relevant security updates to mitigate risks associated with this vulnerability.",Dell,Dell Data Lakehouse,5.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-18T15:51:54.140Z,0