ReportizFlow
Filtered by vendor Dell
Subscriptions
Total
1077 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32454 | 1 Dell | 1 Update Package Framework | 2024-11-21 | 6.3 Medium |
| DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service | ||||
| CVE-2023-32453 | 1 Dell | 222 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 219 more | 2024-11-21 | 4.6 Medium |
| Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator. | ||||
| CVE-2023-32451 | 1 Dell | 1 Display Manager | 2024-11-21 | 7.3 High |
| Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation | ||||
| CVE-2023-32450 | 1 Dell | 1 Power Manager | 2024-11-21 | 6.1 Medium |
| Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. | ||||
| CVE-2023-32448 | 1 Dell | 1 Powerpath | 2024-11-21 | 5.5 Medium |
| PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems. | ||||
| CVE-2023-32447 | 1 Dell | 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more | 2024-11-21 | 5.5 Medium |
| Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. A malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | ||||
| CVE-2023-32446 | 1 Dell | 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more | 2024-11-21 | 5.5 Medium |
| Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | ||||
| CVE-2023-28080 | 1 Dell | 1 Powerpath | 2024-11-21 | 6.7 Medium |
| PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. | ||||
| CVE-2023-28079 | 1 Dell | 1 Powerpath | 2024-11-21 | 7 High |
| PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains Insecure File and Folder Permissions vulnerability. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. | ||||
| CVE-2023-28077 | 1 Dell | 1 Bsafe Ssl-j | 2024-11-21 | 4.4 Medium |
| Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. | ||||
| CVE-2023-28076 | 1 Dell | 1 Cloudlink | 2024-11-21 | 5.9 Medium |
| CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure. | ||||
| CVE-2023-28075 | 1 Dell | 485 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 482 more | 2024-11-21 | 6.9 Medium |
| Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. | ||||
| CVE-2023-28072 | 1 Dell | 1 Alienware Command Center | 2024-11-21 | 7.8 High |
| Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system. | ||||
| CVE-2023-28071 | 2 Dell, Microsoft | 4 Alienware Update, Command Update, Update and 1 more | 2024-11-21 | 6.3 Medium |
| Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). | ||||
| CVE-2023-28070 | 1 Dell | 1 Alienware Command Center | 2024-11-21 | 6.7 Medium |
| Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation. | ||||
| CVE-2023-28069 | 1 Dell | 1 Streaming Data Platform | 2024-11-21 | 6.1 Medium |
| Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. A remote unauthenticated attacker can phish the legitimate user to redirect to malicious website leading to information disclosure and launch of phishing attacks. | ||||
| CVE-2023-28068 | 1 Dell | 1 Command \| Monitor | 2024-11-21 | 7.3 High |
| Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path | ||||
| CVE-2023-28066 | 1 Dell | 1 Os Recovery Tool | 2024-11-21 | 7.3 High |
| Dell OS Recovery Tool, versions 2.2.4013 and 2.3.7012.0, contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability in order to elevate privileges on the system. | ||||
| CVE-2023-28064 | 1 Dell | 140 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 137 more | 2024-11-21 | 3.5 Low |
| Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2023-28063 | 1 Dell | 582 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 579 more | 2024-11-21 | 6.7 Medium |
| Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. | ||||