cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-22475,https://securityvulnerability.io/vulnerability/CVE-2025-22475,Cryptographic Implementation Vulnerability in Dell PowerProtect DD,"Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.10 are affected by a vulnerability related to the use of a cryptographic primitive with a risky implementation. This flaw could allow remote attackers to exploit the system, potentially leading to unauthorized information tampering. It is crucial for users to update their installations to the latest versions to mitigate this risk.",Dell,Powerprotect Dd,3.7,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-04T02:19:38.433Z,0
CVE-2024-53295,https://securityvulnerability.io/vulnerability/CVE-2024-53295,Improper Access Control in Dell PowerProtect DD Products,"An improper access control vulnerability exists in Dell PowerProtect DD that could be exploited by a local attacker with limited privileges. By leveraging this flaw, the attacker may gain the ability to escalate their privileges, potentially allowing unauthorized access to sensitive functions within the affected systems. This vulnerability is present in several versions of the product, highlighting the importance of keeping systems updated and implementing strict access controls.",Dell,Powerprotect Dd,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-01T04:12:10.402Z,0
CVE-2024-51534,https://securityvulnerability.io/vulnerability/CVE-2024-51534,Path Traversal Vulnerability in Dell PowerProtect DD Software,"A path traversal vulnerability exists in Dell PowerProtect DD prior to specified versions, allowing a local user with low privileges to exploit the system. Successfully exploiting this vulnerability can lead to unauthorized overwriting of operating system files on the server's filesystem. This compromise may result in denial of service, affecting the overall performance and availability of the system. Users are advised to update their software to the latest versions to mitigate potential risks.",Dell,Powerprotect Dd,7.1,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-01T04:02:24.954Z,0
CVE-2024-53296,https://securityvulnerability.io/vulnerability/CVE-2024-53296,Stack-based Buffer Overflow in Dell PowerProtect DD by Dell,"Dell PowerProtect DD software prior to versions 7.10.1.50 and 7.13.1.20 is susceptible to a stack-based buffer overflow in the RestAPI. This vulnerability may be exploited by a remote attacker with high privileges, enabling them to cause a Denial of Service (DoS) by manipulating API calls.",Dell,Powerprotect Dd,2.7,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-01T03:56:38.147Z,0
CVE-2025-21107,https://securityvulnerability.io/vulnerability/CVE-2025-21107,Unquoted Search Path Vulnerability in Dell NetWorker,"Dell NetWorker versions prior to 19.11.0.3, including all versions of 19.10 and earlier, are susceptible to an Unquoted Search Path vulnerability. This flaw allows local attackers with low privileges to exploit the system, potentially leading to unauthorized code execution. Organizations using affected versions should implement recommended updates to mitigate associated risks. For further details, refer to Dell's official security advisory.",Dell,Networker,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T09:15:51.866Z,0
CVE-2025-23374,https://securityvulnerability.io/vulnerability/CVE-2025-23374,Information Exposure Vulnerability in Dell Networking Switches Running Enterprise SONiC OS,Dell Networking Switches running earlier versions of Enterprise SONiC OS are affected by a vulnerability that allows privileged attackers to exploit remote access and potentially gain sensitive information logged by the system. This issue highlights the importance of timely updates and robust security measures to protect network infrastructure.,Dell,Enterprise Sonic Os,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T04:14:04.226Z,0
CVE-2025-22394,https://securityvulnerability.io/vulnerability/CVE-2025-22394,Race Condition Vulnerability in Dell Display Manager Affecting Local Users,"Dell Display Manager, in versions prior to 2.3.2.18, is susceptible to a Time-of-check Time-of-use (TOCTOU) race condition. This flaw enables a low-privileged user with local access to exploit the system by potentially executing arbitrary code, which in turn may lead to privilege escalation. It is crucial for users of affected versions to apply security updates to mitigate these risks.",Dell,Dell Display Manager,7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-15T04:41:21.868Z,0
CVE-2025-21101,https://securityvulnerability.io/vulnerability/CVE-2025-21101,Race Condition Vulnerability in Dell Display Manager,"Dell Display Manager versions prior to 2.3.2.20 are susceptible to a race condition vulnerability that may be exploited by local malicious users. During the installation process, attackers can leverage this vulnerability to execute arbitrary file or folder deletions, potentially compromising system integrity and user data.",Dell,Dell Display Manager,6.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-15T04:36:38.793Z,0
CVE-2025-21111,https://securityvulnerability.io/vulnerability/CVE-2025-21111,Plaintext Password Storage Vulnerability in Dell VxRail,"Versions 8.0.000 through 8.0.311 of Dell VxRail are susceptible to a vulnerability that allows a high-privileged attacker with local access to exploit plaintext storage of passwords. This flaw can lead to significant information exposure, compromising sensitive credentials stored inadequately within the system's architecture. System administrators should ensure timely updates and apply recommended security patches to mitigate potential risks associated with this vulnerability.",Dell,Vxrail D560 Firmware,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-08T18:15:00.000Z,0
CVE-2025-21102,https://securityvulnerability.io/vulnerability/CVE-2025-21102,Plaintext Password Storage Vulnerability in Dell VxRail,"Dell VxRail software versions 7.0.000 through 7.0.532 are impacted by a vulnerability that allows for the insecure storage of passwords in plaintext. This flaw could be exploited by attackers with local access who have high privileges, potentially leading to unauthorized information exposure. Organizations using affected versions should prioritize remediation to mitigate risks associated with this vulnerability.",Dell,Dell Vxrail Hci,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-08T11:25:48.282Z,0
CVE-2024-47239,https://securityvulnerability.io/vulnerability/CVE-2024-47239,Uncontrolled Resource Consumption Vulnerability in Dell PowerScale OneFS,"Dell PowerScale OneFS versions ranging from 8.2.2.x to 9.9.0.0 are affected by a vulnerability that allows low privileged remote attackers to exploit the system. This can lead to a denial of service, impacting the availability and functionality of the service. Organizations using the affected versions should apply necessary updates to mitigate potential risks.",Dell,Powerscale Onefs,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-08T02:00:15.883Z,0
CVE-2025-22395,https://securityvulnerability.io/vulnerability/CVE-2025-22395,Local Privilege Escalation in Dell Update Package Framework,"The Dell Update Package Framework, prior to version 22.01.02, contains a vulnerability that allows low-privileged local attackers to exploit the system. This exploitation could lead to the execution of arbitrary remote scripts, potentially resulting in service disruptions. It highlights the importance of keeping software updated to prevent unauthorized access and mitigate the risk of attack.",Dell,Dell Update Package (dup) Framework,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-07T02:52:54.624Z,0
CVE-2024-47475,https://securityvulnerability.io/vulnerability/CVE-2024-47475,Permission Assignment Flaw in Dell PowerScale OneFS,"Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.x are impacted by a vulnerability related to incorrect permission assignments for critical resources. This flaw allows a locally authenticated attacker to exploit the system, potentially leading to a denial of service. Users are encouraged to implement security updates to mitigate the risks associated with this issue. For further details, refer to the provided security advisory.",Dell,Powerscale Onefs,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-06T17:15:00.000Z,0
CVE-2024-51540,https://securityvulnerability.io/vulnerability/CVE-2024-51540,Arithmetic Overflow Vulnerability in Dell ECS Products,"An arithmetic overflow vulnerability has been identified in Dell ECS that affects versions prior to 3.8.1.3. This vulnerability arises from improper handling of retention periods, enabling authenticated users with bucket or object-level access, along with the necessary privileges, to potentially exploit this flaw. As a result, they could bypass established retention policies and delete objects within the system, posing a significant risk to data integrity and security.",Dell,Ecs,6.5,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-12-26T15:53:49.735Z,0
CVE-2024-52534,https://securityvulnerability.io/vulnerability/CVE-2024-52534,Authentication Bypass Vulnerability in Dell ECS,"Dell ECS is affected by an authentication bypass vulnerability that allows low-privileged attackers with remote access to exploit session information through a capture-replay mechanism. This could potentially lead to unauthorized access to user sessions, raising significant security concerns for organizations utilizing this storage solution. It is crucial for users of Dell ECS to apply the latest updates and patches to mitigate the risks associated with this vulnerability.",Dell,Ecs,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-12-25T16:04:17.253Z,0
CVE-2024-52543,https://securityvulnerability.io/vulnerability/CVE-2024-52543,Insecure File Permissions in Dell NativeEdge,"Dell NativeEdge, specifically version 2.1.0.0, has a vulnerability that allows the creation of temporary files with insecure permissions. This flaw can be exploited by a high privileged user who has local access to the system, leading to a potential information disclosure. If not addressed, this vulnerability could allow unauthorized access to sensitive data and compromise the integrity of the affected system. It is crucial for organizations using this software to be aware of this issue and apply the necessary security updates as outlined in the vendor's advisory.",Dell,Nativeedge,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-25T15:13:57.030Z,0
CVE-2024-53291,https://securityvulnerability.io/vulnerability/CVE-2024-53291,Sensitive Information Exposure in Dell NativeEdge,"Dell NativeEdge version 2.1.0.0 has been identified with a vulnerability that enables the exposure of sensitive information through its metadata. An unauthenticated remote attacker could exploit this flaw to access confidential data, highlighting a significant concern for users relying on this software. It is essential for organizations to promptly apply recommended security updates and take necessary precautions to safeguard their information.",Dell,Nativeedge,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-12-25T15:02:42.544Z,0
CVE-2024-47978,https://securityvulnerability.io/vulnerability/CVE-2024-47978,Execution with Unnecessary Privileges in Dell NativeEdge,"Dell NativeEdge version 2.1.0.0 has a vulnerability that permits local attackers with low privileges to potentially exploit the system. This flaw can lead to elevated privileges, giving unauthorized users increased access to sensitive operations within the system. It is crucial for users and administrators of Dell NativeEdge to stay informed about this vulnerability and take immediate actions as recommended by Dell's security advisory to safeguard their environments.",Dell,Nativeedge,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-25T14:57:00.389Z,0
CVE-2024-52535,https://securityvulnerability.io/vulnerability/CVE-2024-52535,Privilege Escalation Vulnerability in Dell SupportAssist Software,"Dell SupportAssist for Home PCs and Business PCs contains a vulnerability related to symbolic link attacks in the software's remediation component. This issue allows low-privileged, authenticated users to exploit the vulnerability, potentially escalating their privileges. Such exploitation may result in unauthorized deletion of files and folders from affected systems, posing significant risks to data integrity. Users are urged to update to the latest versions to mitigate potential threats and enhance security.",Dell,"Supportassist For Home Pcs,Supportassist For Business Pcs",8.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-12-25T14:41:36.996Z,0
CVE-2024-51532,https://securityvulnerability.io/vulnerability/CVE-2024-51532,Argument Injection Vulnerability in Dell PowerStore Affects Data Integrity,"CVE-2024-51532 is a vulnerability identified in the Dell PowerStore that stems from improper neutralization of argument delimiters in command processing, also known as Argument Injection. This issue allows a low privileged attacker with local access to exploit the vulnerability, potentially leading to unauthorized modification of arbitrary system files. Such an attack could compromise the integrity and availability of the affected PowerStore systems, making it critical for users to understand the implications and apply necessary security updates as stated in Dell's advisory.",Dell,Powerstore,7.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-19T01:40:17.525Z,0
CVE-2024-47480,https://securityvulnerability.io/vulnerability/CVE-2024-47480,Improper Link Resolution Issue in Dell Inventory Collector Client,"The vulnerability identified as CVE-2024-47480 affects Dell Inventory Collector Client versions prior to 12.7.0 and stems from an Improper Link Resolution Before File Access. This security flaw can be exploited by low-privilege attackers who have local access to the system. If successfully exploited, it may lead to Elevation of Privileges, granting unauthorized access to the file system, thereby compromising the integrity and confidentiality of sensitive data. To mitigate this vulnerability, it is crucial for users to update their Dell Inventory Collector Client to version 12.7.0 or later, as outlined in Dell's advisory.",Dell,Inventory Collector,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-18T03:15:00.000Z,0
CVE-2024-52542,https://securityvulnerability.io/vulnerability/CVE-2024-52542,Symlink Following Vulnerability in Dell AppSync,"CVE-2024-52542 is a high-risk Symlink Following vulnerability identified in Dell AppSync version 4.6.0.x. This vulnerability allows a low privileged attacker with local access to manipulate and tamper with sensitive information. Exploitation of this flaw could result in unauthorized access to critical data, emphasizing the need for prompt updates and security measures. Dell has released a security update to address this issue. For more details, please refer to the official advisory.",Dell,Appsync,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-17T11:33:54.239Z,0
CVE-2024-28980,https://securityvulnerability.io/vulnerability/CVE-2024-28980,Cryptographic Algorithm Vulnerability in Dell RecoverPoint for VMs,"Dell RecoverPoint for VMs versions 6.0.x are susceptible to a vulnerability involving the use of a broken cryptographic algorithm within SSH. This flaw may allow unauthenticated attackers with remote access the potential to exploit the system, leading to remote code execution. System administrators are urged to consult Dell's security advisory and implement necessary updates to mitigate associated risks.",Dell,Recoverpoint For Virtual Machines,9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-13T14:20:15.834Z,0
CVE-2024-47984,https://securityvulnerability.io/vulnerability/CVE-2024-47984,Denial of Service Vulnerability in Dell RecoverPoint for Virtual Machines,"The vulnerability in Dell RecoverPoint for Virtual Machines 6.0.x is classified as a Denial of Service risk. This flaw allows an attacker with remote access to exploit the system, potentially leading to a significant disruption in the product's functionalities. The persistence of this issue after a reboot could necessitate technical support for restoration, impacting operational efficiency and stability. It is crucial for users and administrators to be aware of this vulnerability and implement necessary precautions to mitigate risk.",Dell,Recoverpoint For Virtual Machines,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-13T14:15:53.203Z,0
CVE-2024-24902,https://securityvulnerability.io/vulnerability/CVE-2024-24902,Access Control Flaw in Dell RecoverPoint for Virtual Machines,"Dell RecoverPoint for Virtual Machines 6.0.x is impacted by an improper access control vulnerability that allows a low privileged local attacker to potentially gain temporary access to unauthorized data. This vulnerability could lead to a breach of sensitive information within the affected system, highlighting the importance of timely security updates and vigilant access management practices.",Dell,Recoverpoint For Virtual Machines,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-13T14:11:04.854Z,0