cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-22475,https://securityvulnerability.io/vulnerability/CVE-2025-22475,Cryptographic Implementation Vulnerability in Dell PowerProtect DD,"Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.10 are affected by a vulnerability related to the use of a cryptographic primitive with a risky implementation. This flaw could allow remote attackers to exploit the system, potentially leading to unauthorized information tampering. It is crucial for users to update their installations to the latest versions to mitigate this risk.",Dell,Powerprotect Dd,3.7,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-04T02:19:38.433Z,0
CVE-2024-53295,https://securityvulnerability.io/vulnerability/CVE-2024-53295,Improper Access Control in Dell PowerProtect DD Products,"An improper access control vulnerability exists in Dell PowerProtect DD that could be exploited by a local attacker with limited privileges. By leveraging this flaw, the attacker may gain the ability to escalate their privileges, potentially allowing unauthorized access to sensitive functions within the affected systems. This vulnerability is present in several versions of the product, highlighting the importance of keeping systems updated and implementing strict access controls.",Dell,Powerprotect Dd,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-01T04:12:10.402Z,0
CVE-2024-51534,https://securityvulnerability.io/vulnerability/CVE-2024-51534,Path Traversal Vulnerability in Dell PowerProtect DD Software,"A path traversal vulnerability exists in Dell PowerProtect DD prior to specified versions, allowing a local user with low privileges to exploit the system. Successfully exploiting this vulnerability can lead to unauthorized overwriting of operating system files on the server's filesystem. This compromise may result in denial of service, affecting the overall performance and availability of the system. Users are advised to update their software to the latest versions to mitigate potential risks.",Dell,Powerprotect Dd,7.1,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-01T04:02:24.954Z,0
CVE-2024-53296,https://securityvulnerability.io/vulnerability/CVE-2024-53296,Stack-based Buffer Overflow in Dell PowerProtect DD by Dell,"Dell PowerProtect DD software prior to versions 7.10.1.50 and 7.13.1.20 is susceptible to a stack-based buffer overflow in the RestAPI. This vulnerability may be exploited by a remote attacker with high privileges, enabling them to cause a Denial of Service (DoS) by manipulating API calls.",Dell,Powerprotect Dd,2.7,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-01T03:56:38.147Z,0
CVE-2024-48010,https://securityvulnerability.io/vulnerability/CVE-2024-48010,PowerProtect DD Vulnerability Could Lead to Escalation of Privilege,"Dell PowerProtect DD versions prior to 8.1.0.0, along with specific earlier versions, are susceptible to an access control vulnerability. This issue allows remote attackers with high privileges to potentially exploit the vulnerability, leading to unauthorized escalation of privileges within the application. It is crucial for organizations using affected versions to apply recommended security updates promptly to mitigate risks associated with potential exploits.",Dell,Powerprotect Dd,7.2,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-11-08T03:01:01.903Z,0
CVE-2024-45759,https://securityvulnerability.io/vulnerability/CVE-2024-45759,Dell PowerProtect Data Domain Vulnerability: Local Privilege Escalation Risk,"The vulnerability in Dell PowerProtect Data Domain prior to version 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50 allows local low privileged attackers to exploit the system. By executing certain commands, attackers may overwrite system configuration, which can disrupt its functionalities, leading to potential denial of service. This highlights a significant risk to the security and integrity of the affected products.",Dell,Powerprotect Dd,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-08T02:48:42.259Z,0
CVE-2024-48011,https://securityvulnerability.io/vulnerability/CVE-2024-48011,Dell PowerProtect DD Vulnerability: Exposure of Sensitive Information to Unauthorized Actor,"The vulnerability in Dell PowerProtect DD versions prior to 7.7.5.50 presents an exposure of sensitive information that could be exploited by a low privileged attacker with remote access. This exposure could potentially lead to unauthorized access to sensitive data, making it imperative for organizations using affected versions to implement necessary security updates and patches. Proper measures must be taken to protect valuable information and maintain the integrity of the security posture.",Dell,Powerprotect Dd,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-11-08T02:30:27.068Z,0
CVE-2024-37141,https://securityvulnerability.io/vulnerability/CVE-2024-37141,Dell PowerProtect DD Vulnerability Could Lead to Information Disclosure,"Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.",Dell,Powerprotect Dd,3.5,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-26T04:00:34.863Z,0
CVE-2024-37140,https://securityvulnerability.io/vulnerability/CVE-2024-37140,Dell PowerProtect DD Vulnerability Could Lead to System Takeover,"An OS command injection vulnerability exists in Dell PowerProtect DD versions before 8.0 and certain LTS releases. This flaw can be targeted by remote attackers with low privileges, enabling them to execute arbitrary OS commands on the underlying operating system. Successful exploitation could allow adversaries to gain control over the system, posing a severe risk to data and service integrity. For detailed guidance on mitigation and security updates, consult Dell's official advisory.",Dell,Powerprotect Dd,8.8,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-06-26T03:54:38.461Z,0
CVE-2024-37139,https://securityvulnerability.io/vulnerability/CVE-2024-37139,Dell PowerProtect DD Vulnerability Could Lead to Denial of Service,"Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource Through its Lifetime vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to temporary resource constraint of system application. Exploitation may lead to denial of service of the application.",Dell,Powerprotect Dd,6.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-26T03:38:45.473Z,0
CVE-2024-37138,https://securityvulnerability.io/vulnerability/CVE-2024-37138,Dell PowerProtect DD Vulnerability Could Lead to Unauthorized File Access,"Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the managed system.",Dell,Powerprotect Dd,6.8,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-06-26T03:24:40.504Z,0
CVE-2024-29175,https://securityvulnerability.io/vulnerability/CVE-2024-29175,Dell PowerProtect Data Domain Vulnerability Could Lead to Man-in-the-Middle Attacks,"Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain a weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session information.",Dell,Powerprotect Dd,5.9,MEDIUM,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-06-26T03:03:06.155Z,0
CVE-2024-29174,https://securityvulnerability.io/vulnerability/CVE-2024-29174,Dell Data Domain SQL Injection Vulnerability Affects Data Security,"Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized access to application data.",Dell,Powerprotect Dd,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-26T02:57:41.758Z,0
CVE-2024-29173,https://securityvulnerability.io/vulnerability/CVE-2024-29173,Dell PowerProtect DD Vulnerable to Server-Side Request Forgery (SSRF) Attacks,"Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote client.",Dell,Powerprotect Dd,4.9,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-06-26T02:51:56.989Z,0
CVE-2024-29177,https://securityvulnerability.io/vulnerability/CVE-2024-29177,Temporary Sensitive Information Vulnerability Affects Dell PowerProtect DD Versions,"Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the reuse of disclosed information to gain unauthorized access to the application report.",Dell,Powerprotect Dd,2.7,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-26T02:46:55.073Z,0
CVE-2024-29176,https://securityvulnerability.io/vulnerability/CVE-2024-29176,Buffer Overflow Vulnerability Affects Dell PowerProtect DD Versions,"The Out-of-bounds Write vulnerability in Dell PowerProtect DD affects multiple versions including 8.0 and several 7.x releases. This weakness allows a low privileged attacker with remote access the potential to exploit the software, possibly leading to unauthorized code execution. It is crucial for users to be aware of this vulnerability and apply the necessary security updates to mitigate associated risks.",Dell,Powerprotect Dd,8.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-06-26T02:37:54.785Z,0
CVE-2024-28973,https://securityvulnerability.io/vulnerability/CVE-2024-28973,Dell PowerProtect DD Vulnerable to Stored Cross-Site Scripting Attacks,"Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Stored Cross-Site Scripting Vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a high privileged victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.",Dell,Powerprotect Dd,4.8,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-26T02:31:10.767Z,0
CVE-2023-44279,https://securityvulnerability.io/vulnerability/CVE-2023-44279,OS Command Injection Vulnerability in Dell PowerProtect Products,"An OS command injection vulnerability exists in the administrator CLI of Dell PowerProtect DD, affecting several versions. A local user with high privileges could exploit this flaw to bypass security mechanisms, potentially leading to unauthorized system access and control. It is crucial for organizations using affected versions to implement recommended security patches to safeguard against possible exploitation.",Dell,Powerprotect Dd,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-12-14T16:15:00.000Z,0
CVE-2023-48668,https://securityvulnerability.io/vulnerability/CVE-2023-48668,OS Command Injection in Dell PowerProtect DD,"Dell PowerProtect DD contains an OS command injection vulnerability within its management operations. A local attacker with high privileges may exploit this issue to execute arbitrary OS commands on the underlying operating system of the managed application. Successful exploitation could allow the attacker to gain control over the managed environment, posing a significant risk to system integrity and data security.",Dell," PowerProtect DD",8.2,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-12-14T16:15:00.000Z,0
CVE-2023-44278,https://securityvulnerability.io/vulnerability/CVE-2023-44278,Path Traversal Vulnerability in Dell PowerProtect DD,"A path traversal vulnerability exists in Dell PowerProtect DD versions before 7.13.0.10, allowing a local attacker with high privileges to potentially exploit this flaw. By leveraging this vulnerability, the attacker could gain unauthorized read and write access to sensitive operating system files stored on the server filesystem, thereby compromising the integrity and confidentiality of the affected system's data.",Dell,PowerProtect DD,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-12-14T16:15:00.000Z,0
CVE-2023-44285,https://securityvulnerability.io/vulnerability/CVE-2023-44285,Improper Access Control in Dell PowerProtect Data Domain,"Dell PowerProtect Data Domain is vulnerable to an improper access control issue in multiple versions. A local malicious user with low privileges could exploit this vulnerability, potentially allowing them to escalate their privileges. This flaw affects various version releases, making it critical for users to update to secure versions to protect their systems from unauthorized access and potential threats.",Dell,PowerProtect DD,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-12-14T16:15:00.000Z,0
CVE-2023-48667,https://securityvulnerability.io/vulnerability/CVE-2023-48667,OS Command Injection Vulnerability in Dell PowerProtect DD,"An OS command injection vulnerability exists in the administrator CLI of Dell PowerProtect DD that allows remote attackers with high privileges to execute arbitrary OS commands. This weakness may facilitate security restrictions bypass, potentially allowing attackers to gain control over the affected systems. Users of impacted versions are urged to take immediate action to mitigate this risk.",Dell,PowerProtect DD,7.2,HIGH,0.001180000021122396,false,,false,false,false,,,false,false,,2023-12-14T16:15:00.000Z,0
CVE-2023-44284,https://securityvulnerability.io/vulnerability/CVE-2023-44284,SQL Injection Vulnerability in Dell PowerProtect DD,"The Dell PowerProtect DD product suite is affected by an SQL Injection vulnerability present in versions prior to 7.13.0.10. This flaw enables a remote attacker with low privileges to execute specific SQL commands on the backend database, which could lead to unauthorized access to sensitive application data. It is crucial for organizations utilizing these versions to apply security updates and mitigate potential risks associated with this vulnerability.",Dell,Powerprotect Dd,4.3,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2023-12-14T16:15:00.000Z,0
CVE-2023-44286,https://securityvulnerability.io/vulnerability/CVE-2023-44286,DOM-Based Cross-Site Scripting in Dell PowerProtect DD Product,"The PowerProtect DD product from Dell is vulnerable to a DOM-based Cross-Site Scripting flaw in versions preceding 7.13.0.10. An unauthenticated remote attacker could exploit this vulnerability to inject malicious HTML or JavaScript code into a victim's browser environment. Successful exploitation may lead to serious issues such as session theft, unauthorized disclosure of sensitive information, or client-side request forgery, jeopardizing user security and privacy.",Dell,"PowerProtect DD ",8.8,HIGH,0.0011699999449774623,false,,false,false,false,,,false,false,,2023-12-14T16:15:00.000Z,0
CVE-2023-44277,https://securityvulnerability.io/vulnerability/CVE-2023-44277,OS Command Injection Vulnerability in Dell PowerProtect DD,"An OS command injection vulnerability exists in the command-line interface (CLI) of Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, and 6.2.1.110. This flaw allows a local attacker with low privileges to potentially execute arbitrary operating system commands. If exploited, this could enable an attacker to gain control over the underlying operating system with the same privileges as the vulnerable application, posing a significant security risk.",Dell,PowerProtect DD,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-12-14T15:15:00.000Z,0