CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-38743
https://notcve.org/view.php?id=CVE-2025-38743
21 Aug 2025 — Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges. • https://www.dell.com/support/kbdoc/en-us/000359617/dsa-2025-311-security-update-for-dell-idrac-service-module-vulnerabilities • CWE-805: Buffer Access with Incorrect Length Value •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-38742
https://notcve.org/view.php?id=CVE-2025-38742
21 Aug 2025 — Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. • https://www.dell.com/support/kbdoc/en-us/000359617/dsa-2025-311-security-update-for-dell-idrac-service-module-vulnerabilities • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21110
https://notcve.org/view.php?id=CVE-2025-21110
14 Aug 2025 — Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. • https://www.dell.com/support/kbdoc/en-us/000356822/dsa-2025-313-security-update-for-dell-data-lakehouse-multiple-vulnerabilities • CWE-250: Execution with Unnecessary Privileges •
CVSS: 2.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36613
https://notcve.org/view.php?id=CVE-2025-36613
14 Aug 2025 — SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access. • https://www.dell.com/support/kbdoc/en-us/000356690/dsa-2025-296-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities • CWE-266: Incorrect Privilege Assignment •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36612
https://notcve.org/view.php?id=CVE-2025-36612
14 Aug 2025 — SupportAssist for Business PCs, version(s) 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. • https://www.dell.com/support/kbdoc/en-us/000356690/dsa-2025-296-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities • CWE-266: Incorrect Privilege Assignment •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-38738
https://notcve.org/view.php?id=CVE-2025-38738
14 Aug 2025 — SupportAssist for Home PCs Installer exe version(s) 4.8.2.29006 and prior, contain(s) an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. • https://www.dell.com/support/kbdoc/en-us/000356690/dsa-2025-296-security-update-for-dell-supportassist-for-home-pcs-and-dell-supportassist-for-business-pcs-vulnerabilities • CWE-266: Incorrect Privilege Assignment •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-38745
https://notcve.org/view.php?id=CVE-2025-38745
14 Aug 2025 — Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. • https://www.dell.com/support/kbdoc/en-us/000356351/dsa-2025-314-security-update-for-dell-openmanage-enterprise-vulnerability • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26484
https://notcve.org/view.php?id=CVE-2025-26484
14 Aug 2025 — Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. • https://www.dell.com/support/kbdoc/en-us/000356343/dsa-2025-321-security-update-for-dell-cloudlink-vulnerability • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 3.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36581
https://notcve.org/view.php?id=CVE-2025-36581
14 Aug 2025 — Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. • https://www.dell.com/support/kbdoc/en-us/000356405/dsa-2025-299-security-update-for-dell-poweredge-server-bios-for-an-access-of-memory-location-after-end-of-buffer-vulnerability • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-38746
https://notcve.org/view.php?id=CVE-2025-38746
06 Aug 2025 — Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure. Dell SupportAssist OS Recovery, versiones anteriores a la 5.5.14.0, contiene una vulnerabilidad de exposición de información confidencial a un agente no autorizado. Un atacante no autenticado con acceso físico podría explotar esta vulne... • https://www.dell.com/support/kbdoc/en-us/000353093/dsa-2025-315 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •