Lucene search
K
DellData Domain Operating System

99 matches found

CVE
CVE
added 2026/07/03 12:25 p.m.18 views

CVE-2026-41123

Dell PowerProtect Data Domain (versions 7.7.1.0–8.6; LTS2026 8.6.1.0–8.6.1.10; LTS2025 8.3.1.0–8.3.1.30; LTS2024 7.13.1.0–7.13.1.70) contains an improper RBAC access control vulnerability. The issue allows a low-privileged, remote attacker to cause information tampering due to RBAC misconfigurati...

4.3CVSS6AI score0.00152EPSS
CVE
CVE
added 2026/07/03 12:15 p.m.18 views

CVE-2026-44268

Dell PowerProtect Data Domain (versions 7.7.1.0–8.6, plus LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) contains an incorrect permission assignment for a critical resource vulnerability. A high-privileged attacker with local access could potentially exploit this ...

4.4CVSS6AI score0.00104EPSS
CVE
CVE
added 2026/07/03 12:54 p.m.18 views

CVE-2026-46730

CVE-2026-46730 affects Dell PowerProtect Data Domain: versions 7.7.1.0 through 8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70 contain an incorrect authorization vulnerability . A high-privileged attacker with local access could potentially exploit this to ...

4.2CVSS6AI score0.00116EPSS
CVE
CVE
added 2025/10/07 7:6 p.m.17 views

CVE-2025-43905

CVE-2025-43905 affects Dell PowerProtect Data Domain running DD OS Feature Release 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60. The issue is an Improper Neutralization of Argument Delimiters in a Command (Argument Injection) which could allow a lo...

6.5CVSS6.3AI score0.00308EPSS
CVE
CVE
added 2026/04/20 3:58 p.m.17 views

CVE-2026-23774

Dell PowerProtect Data Domain running DD OS Feature Release 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.10, LTS2024 7.13.1.0–7.13.1.40 contains an OS command injection vulnerability. A high-privilege attacker with remote access could achieve arbitrary command execution. Affected component: DD OS (OS-level...

7.2CVSS5.9AI score0.0147EPSS
CVE
CVE
added 2026/04/17 10:57 a.m.17 views

CVE-2026-35074

CVE-2026-35074 affects Dell PowerProtect Data Domain products: 7.7.1.0–8.7.0.0, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60. The issue is an improper neutralization of special elements used in an OS command injection vulnerability, enabling a high-privilege local attacker to execute ...

6.7CVSS6AI score0.00571EPSS
CVE
CVE
added last week17 views

CVE-2026-53481

Dell PowerProtect Data Domain is affected by a Path Traversal vulnerability (CVE-2026-53481) in versions 7.7.1.0–8.7, including LTS2026 (8.6.1.0–8.6.1.10), LTS2025 (8.3.1.0–8.3.1.30), and LTS2024 (7.13.1.0–7.13.1.70). An unauthenticated, remotely accessible attacker could exploit this to gain una...

9.8CVSS6AI score0.00632EPSS
CVE
CVE
added 2025/10/07 7:49 p.m.16 views

CVE-2025-36565

Dell PowerProtect Data Domain running DD OS on Feature Release 7.7.1.0–8.1.0.10, LTS2024 7.13.1.0–7.13.1.25, and LTS 2023 7.10.1.0–7.10.1.50 is affected by an Improper Neutralization of Argument Delimiters (Argument Injection) vulnerability. A local attacker with high privileges could exploit thi...

6.7CVSS6.5AI score0.00191EPSS
CVE
CVE
added 2025/10/07 7:44 p.m.16 views

CVE-2025-36566

Dell PowerProtect Data Domain running DD OS Feature Release versions 7.7.1.0–8.1.0.10, LTS2024 7.13.1.0–7.13.1.25, and LTS2023 7.10.1.0–7.10.1.50 contains an OS Command Injection due to improper neutralization of special elements. A high-privilege, local attacker could execute arbitrary commands ...

6.7CVSS6.5AI score0.00612EPSS
CVE
CVE
added 2025/10/07 7:26 p.m.16 views

CVE-2025-43727

Dell PowerProtect Data Domain (DD OS) versions 7.7.1.0–8.1.0.10, 7.13.1.0–7.13.1.25, and 7.10.1.0–7.10.1.50 contain an incorrect implementation of the RestAPI authentication algorithm, enabling an unauthenticated remote attacker to gain unauthorized access. No exploitation details are provided in...

7.5CVSS6.5AI score0.00337EPSS
CVE
CVE
added 2025/10/07 6:54 p.m.16 views

CVE-2025-43913

Dell PowerProtect Data Domain (DD OS) feature releases 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS 2023 7.10.1.0–7.10.1.60 contain a vulnerability described as Use of a Broken or Risky Cryptographic Algorithm. An unauthenticated, remote attacker could potentially cause ...

6.5CVSS6.2AI score0.00156EPSS
CVE
CVE
added 2025/10/07 7:0 p.m.16 views

CVE-2025-45375

Dell PowerProtect Data Domain and the Data Domain Operating System (DD OS) Feature Release 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60 contain a stack-based buffer overflow. A high-privilege user with local access could exploit this to cause a Den...

4.4CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2026/01/09 4:14 p.m.16 views

CVE-2025-46645

Dell PowerProtect Data Domain with DD OS is affected by OS Command Injection due to improper neutralization of special elements. A high-privilege attacker with remote access could execute commands, potentially impacting confidentiality, integrity, and availability as described. Affected releases ...

7.2CVSS6.4AI score0.01409EPSS
CVE
CVE
added 2026/07/03 12:41 p.m.16 views

CVE-2026-26355

Dell PowerProtect Data Domain: OS command injection vulnerability affects 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70. A high-privilege attacker with remote access could potentially achieve command execution. No explicit remediation details are prov...

6.5CVSS6AI score0.01052EPSS
CVE
CVE
added 2026/04/17 11:44 a.m.16 views

CVE-2026-28263

CVE-2026-28263 affects Dell PowerProtect Data Domain running DD OS Feature Release 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.50. It describes a cross-site scripting vulnerability that could be exploited by a high-privilege attacker with remote access, leading to script in...

5.9CVSS5.7AI score0.00204EPSS
CVE
CVE
added 2026/04/17 10:48 a.m.16 views

CVE-2026-35072

Dell PowerProtect Data Domain (versions 7.7.1.0–8.7.0.0; LTS2025 8.3.1.0–8.3.1.20; LTS2024 7.13.1.0–7.13.1.60) contains an OS command injection vulnerability due to improper neutralization of special elements in commands. A high-privilege local attacker could potentially execute arbitrary command...

6.7CVSS6AI score0.00571EPSS
CVE
CVE
added 2026/07/03 12:46 p.m.16 views

CVE-2026-56085

Dell PowerProtect Data Domain is affected by CVE-2026-56085. The description indicates an use of uninitialized resource vulnerability in versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70, with a low-privileged, local attacker potentially caus...

3.3CVSS5.9AI score0.00095EPSS
CVE
CVE
added 2025/10/07 7:38 p.m.15 views

CVE-2025-36569

Dell PowerProtect Data Domain with DD OS is affected by OS Command Injection in Feature Release 7.7.1.0–8.1.0.10, 7.13.1.0–7.13.1.25, and 7.10.1.0–7.10.1.50. The issue arises from improper neutralization of special elements in OS commands, allowing a high-privileged, local attacker to execute arb...

6.7CVSS6.7AI score0.00485EPSS
CVE
CVE
added 2025/10/07 6:22 p.m.15 views

CVE-2025-43908

Dell PowerProtect Data Domain (DD OS) is affected by an OS Command Injection vulnerability in Feature Release 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60. The issue arises from improper neutralization of special elements in OS commands, potentiall...

6.7CVSS6.7AI score0.00392EPSS
CVE
CVE
added 2026/04/17 11:36 a.m.15 views

CVE-2025-46606

Dell PowerProtect Data Domain with DD OS Feature Release versions 8.4–8.5 are affected by an improper restriction of excessive authentication attempts, which could allow a high-privilege attacker with remote access to gain unauthorized access. The vulnerability details, including affected product...

7.2CVSS5.8AI score0.00368EPSS
CVE
CVE
added 2026/04/17 8:33 a.m.15 views

CVE-2026-23778

Affected product: Dell PowerProtect Data Domain with DD OS (Feature Release: 7.7.1.0–8.5; LTS2025: 8.3.1.0–8.3.1.20; LTS2024: 7.13.1.0–7.13.1.50). Issue: command injection vulnerability allowing a high-privilege, remote attacker to potentially gain root-level access. Impact: CVSS v3.1 base score ...

7.2CVSS5.8AI score0.0114EPSS
CVE
CVE
added 2026/04/20 4:8 p.m.15 views

CVE-2026-24504

CVE-2026-24504 affects Dell PowerProtect Data Domain versions 7.7.1.0–8.6, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60, due to improper input validation. A high-privilege attacker with remote access could potentially exploit this to achieve arbitrary command execution with root privi...

7.2CVSS6.1AI score0.00441EPSS
CVE
CVE
added 2025/10/07 7:32 p.m.14 views

CVE-2025-36567

Dell PowerProtect Data Domain (DD OS) is affected by an OS Command Injection vulnerability due to improper neutralization of special elements in commands. A high-privilege local attacker could execute arbitrary commands and potentially escalate to root on DD OS Feature Release 7.7.1.0–8.1.0.10, L...

6.7CVSS6.5AI score0.00612EPSS
CVE
CVE
added 2026/04/17 8:12 a.m.14 views

CVE-2025-36568

Dell PowerProtect Data Domain BoostFS for client Feature Release versions 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, LTS2024 7.13.1.0–7.13.1.50 contains an insufficiently protected credentials vulnerability. A low‑privileged attacker with local access could exploit this to obtain credentials and acce...

7.8CVSS5.7AI score0.0011EPSS
CVE
CVE
added 2025/10/07 7:11 p.m.14 views

CVE-2025-43909

Dell PowerProtect Data Domain (DD OS) versions 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60 contain a vulnerability in the DD boost component due to use of a broken or risky cryptographic algorithm. An unauthenticated, remote attacker could exploit...

7.5CVSS6.5AI score0.00151EPSS
CVE
CVE
added 2025/10/07 6:8 p.m.14 views

CVE-2025-43911

Dell PowerProtect Data Domain (DD OS) feature releases and LTS lines are affected by an OS command injection vulnerability in multiple versions, caused by improper neutralization of special elements in OS commands. A high-privilege attacker with local access could achieve arbitrary command execut...

6.7CVSS6.6AI score0.00612EPSS
CVE
CVE
added 2026/04/17 11:27 a.m.14 views

CVE-2025-46605

Dell PowerProtect Data Domain (DD OS Feature Release 8.4–8.5) contains a session fixation vulnerability that could allow a high-privilege attacker with remote access to gain unauthorized access. A Dell security update (DSA-2026-060) has been released to address this issue; apply the Dell patch to...

7.2CVSS5.8AI score0.00314EPSS
CVE
CVE
added 2026/04/17 11:13 a.m.14 views

CVE-2025-46607

Dell PowerProtect Data Domain running DD OS Feature Release versions 8.4–8.5 contains an improper authentication vulnerability. A high-privileged attacker with remote access could potentially achieve unauthorized access to the system. The available documents do not specify affected versions beyon...

7.2CVSS5.8AI score0.00368EPSS
CVE
CVE
added 2026/04/20 4:39 p.m.14 views

CVE-2026-22761

CVE-2026-22761 affects Dell PowerProtect Data Domain, versions 8.5–8.6. A vulnerability described as a command injection could allow a high-privileged, remote attacker to execute arbitrary commands with root privileges. The issue is documented across multiple sources (NVD/Red Hat/EUVD/NVD mirrors...

7.2CVSS6.1AI score0.01159EPSS
CVE
CVE
added 2025/10/07 5:53 p.m.13 views

CVE-2025-43890

Dell PowerProtect Data Domain with DD OS feature releases from 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60 contains an OS command injection vulnerability (Improper Neutralization of Special Elements used in an OS Command). A high-privilege local a...

6.7CVSS6.6AI score0.00612EPSS
CVE
CVE
added 2025/10/07 6:43 p.m.13 views

CVE-2025-43891

CVE-2025-43891 affects Dell PowerProtect Data Domain products running DD OS Feature Release 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60. The vulnerability is a use of a Broken or Risky Cryptographic Algorithm in the Authentication process, allowin...

7.5CVSS6.5AI score0.00198EPSS
CVE
CVE
added 2025/10/07 7:16 p.m.13 views

CVE-2025-43910

Dell PowerProtect Data Domain products running DD OS Feature Release 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS 2023 7.10.1.0–7.10.1.60 contain a Stack-based Buffer Overflow in the DDSH CLI. The vulnerability allows a high-privileged, local attacker to trigger a Denial...

4.4CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2025/10/07 6:48 p.m.13 views

CVE-2025-43912

Dell PowerProtect Data Domain and DD OS versions are affected by a heap-based buffer overflow vulnerability. Affected releases include Feature Release 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS 2023 7.10.1.0–7.10.1.60. The issue can be triggered by an unauthenticated, ...

7.5CVSS6.6AI score0.00331EPSS
CVE
CVE
added 2025/10/07 5:43 p.m.13 views

CVE-2025-43914

Dell PowerProtect Data Domain BoostFS for Linux is affected on multiple releases (Ubuntu Feature Releases 7.7.1.0–8.3.0.15; LTS 2025: 8.3.1.0; LTS 2024: 7.13.1.0–7.13.1.30; LTS 2023: 7.10.1.0–7.10.1.60). Issue: Incorrect Privilege Allocation allowing a local, low-privilege attacker to achieve una...

7.8CVSS6AI score0.00095EPSS
CVE
CVE
added 2025/10/07 6:2 p.m.12 views

CVE-2025-43906

Dell PowerProtect Data Domain (DD OS) affected releases include 7.7.1.0–8.3.0.15, 8.3.1.0 (DD OS LTS2025), 7.13.1.0–7.13.1.30 (LTS2024), and 7.10.1.0–7.10.1.60 (LTS2023). The issue is an Improper Neutralization of Special Elements used in OS Commands (OS Command Injection) that could allow a high...

6.7CVSS6.6AI score0.00612EPSS
CVE
CVE
added 2025/10/07 6:14 p.m.12 views

CVE-2025-43907

CVE-2025-43907 affects Dell PowerProtect Data Domain with DD OS feature releases 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60. Description from PT-2025-41149 confirms a Path Traversal issue where the sequence '.../...//' can be exploited by a remot...

6.5CVSS6.2AI score0.00359EPSS
CVE
CVE
added 2025/10/07 6:30 p.m.12 views

CVE-2025-43934

Dell PowerProtect Data Domain and DD OS (various releases) are affected by a Path Traversal vulnerability caused by an improper limitation of a pathname to a restricted directory. A high-privilege attacker with local access could trigger a denial of service and unauthorized access. Affected versi...

6CVSS5.7AI score0.00157EPSS
CVE
CVE
added 2026/04/20 4:44 p.m.12 views

CVE-2026-26951

CVE-2026-26951 affects Dell PowerProtect Data Domain. The advisory states a stack-based buffer overflow in the product affecting: 7.7.1.0–8.6, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60. The vulnerability could be exploited by a high-privilege attacker with local access to achieve a...

6.7CVSS6.4AI score0.0013EPSS
CVE
CVE
added last week12 views

CVE-2026-53479

Dell PowerProtect Data Domain is affected: versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70 contain an OS command injection due to improper neutralization of special elements. A remote high-privileged attacker could exploit this to bypass pr...

7.2CVSS6.2AI score0.01196EPSS
CVE
CVE
added 2025/10/07 6:37 p.m.11 views

CVE-2025-43889

Dell PowerProtect Data Domain (DD OS) components are affected across Feature Release 7.7.1.0–8.4, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60 by an Unauthenticated Path Traversal in the UI that can expose information via remote access. The issue is described as an improper limitati...

7.5CVSS6.4AI score0.00355EPSS
CVE
CVE
added 2026/01/09 3:31 p.m.11 views

CVE-2025-46644

Dell PowerProtect Data Domain (DD OS) affected ranges: Feature Release 7.7.1.0–8.4.0.0, LTS2025 8.3.1.10, LTS2024 7.13.1.0–7.13.1.40, LTS2023 7.10.1.0–7.10.1.70. Description: OS Command Injection vulnerability due to improper neutralization of special elements in commands. Impact: a highly privil...

6.7CVSS6.1AI score0.00509EPSS
CVE
CVE
added 2026/01/09 3:48 p.m.11 views

CVE-2025-46676

Dell PowerProtect Data Domain (DD OS) versions 7.7.1.0–8.4.0.0; LTS2025 8.3.1.10; LTS2024 7.13.1.0–7.13.1.40; LTS2023 7.10.1.0–7.10.1.70 contain an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A high-privilege attacker with remote access could disclose information. Re...

4.9CVSS6.1AI score0.00284EPSS
CVE
CVE
added 2026/04/17 8:22 a.m.11 views

CVE-2026-23775

Affected product/versions: Dell PowerProtect Data Domain appliances running DD OS Feature Release 8.0–8.5 and LTS2025 8.3.1.0–8.3.1.10. Vulnerability and root cause: In DD OS, an insertion of sensitive information into a log file. The provided documents do not specify the exact code path but indi...

7.6CVSS5.8AI score0.00326EPSS
CVE
CVE
added 2026/04/17 9:4 a.m.11 views

CVE-2026-23779

CVE-2026-23779 affects Dell PowerProtect Data Domain running DD OS. Versions: Feature Release 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, LTS2024 7.13.1.0–7.13.1.50. Description: a command injection vulnerability where a high-privileged attacker with local access could potentially obtain root-level ac...

6.7CVSS5.8AI score0.00524EPSS
CVE
CVE
added 2026/01/09 4:7 p.m.10 views

CVE-2025-46643

Dell PowerProtect Data Domain running DD OS Feature Releases 7.7.1.0–8.4.0.0, LTS2025 8.3.1.10, LTS2024 7.13.1.0–7.13.1.40, and LTS 2023 7.10.1.0–7.10.1.70 contains a Heap-based Buffer Overflow. A high-privilege attacker with local access could exploit this to cause a Denial of Service. Remediati...

4.4CVSS5.8AI score0.0014EPSS
CVE
CVE
added 6 days ago9 views

CVE-2026-53482

Dell PowerProtect Data Domain (versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) contains an Integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could exploit this to cause a denial of service . Exploitat...

7.5CVSS6AI score0.00338EPSS
CVE
CVE
added 6 days ago9 views

CVE-2026-56086

Dell PowerProtect Data Domain is affected (versions 7.7.1.0–8.6, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) by an Incorrect Authorization vulnerability. A low-privileged, remote attacker could potentially gain unauthorized access. The CVE description provides ...

8.8CVSS6AI score0.00286EPSS
CVE
CVE
added 6 days ago8 views

CVE-2026-41122

CVE-2026-41122 affects Dell PowerProtect Data Domain: versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70 contain a stored cross-site scripting vulnerability. An unauthenticated attacker with remote access could exploit this to cause informatio...

7.1CVSS5.9AI score0.00202EPSS
CVE
CVE
added 6 days ago7 views

CVE-2026-53480

Dell PowerProtect Data Domain (versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) contains a path traversal vulnerability due to an improper limitation of a pathname to a restricted directory. A high-privilege attacker with remote access could po...

2.7CVSS6AI score0.00263EPSS
Total number of security vulnerabilities99