Filtered by vendor Dell
Subscribe
Total
1199 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32446 | 1 Dell | 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | |||||
| CVE-2023-28080 | 1 Dell | 1 Powerpath | 2024-11-21 | N/A | 6.7 MEDIUM |
| PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. | |||||
| CVE-2023-28079 | 1 Dell | 1 Powerpath | 2024-11-21 | N/A | 7.0 HIGH |
| PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains Insecure File and Folder Permissions vulnerability. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. | |||||
| CVE-2023-28077 | 1 Dell | 1 Bsafe Ssl-j | 2024-11-21 | N/A | 4.4 MEDIUM |
| Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. | |||||
| CVE-2023-28076 | 1 Dell | 1 Cloudlink | 2024-11-21 | N/A | 5.9 MEDIUM |
| CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure. | |||||
| CVE-2023-28075 | 1 Dell | 484 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 481 more | 2024-11-21 | N/A | 6.9 MEDIUM |
| Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. | |||||
| CVE-2023-28073 | 1 Dell | 4 Latitude 5530, Latitude 5530 Firmware, Precision 3570 and 1 more | 2024-11-21 | N/A | 8.2 HIGH |
| Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system. | |||||
| CVE-2023-28072 | 1 Dell | 1 Alienware Command Center | 2024-11-21 | N/A | 7.8 HIGH |
| Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system. | |||||
| CVE-2023-28071 | 2 Dell, Microsoft | 4 Alienware Update, Command Update, Update and 1 more | 2024-11-21 | N/A | 6.3 MEDIUM |
| Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). | |||||
| CVE-2023-28070 | 1 Dell | 1 Alienware Command Center | 2024-11-21 | N/A | 6.7 MEDIUM |
| Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation. | |||||
| CVE-2023-28069 | 1 Dell | 1 Streaming Data Platform | 2024-11-21 | N/A | 6.1 MEDIUM |
| Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. A remote unauthenticated attacker can phish the legitimate user to redirect to malicious website leading to information disclosure and launch of phishing attacks. | |||||
| CVE-2023-28068 | 1 Dell | 1 Command \| Monitor | 2024-11-21 | N/A | 7.3 HIGH |
| Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path | |||||
| CVE-2023-28066 | 1 Dell | 1 Os Recovery Tool | 2024-11-21 | N/A | 7.3 HIGH |
| Dell OS Recovery Tool, versions 2.2.4013 and 2.3.7012.0, contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability in order to elevate privileges on the system. | |||||
| CVE-2023-28065 | 2 Dell, Microsoft | 4 Alienware Update, Command Update, Update and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation. | |||||
| CVE-2023-28064 | 1 Dell | 140 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 137 more | 2024-11-21 | N/A | 3.5 LOW |
| Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2023-28063 | 1 Dell | 582 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 579 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2023-28062 | 1 Dell | 1 Powerprotect Data Manager | 2024-11-21 | N/A | 8.8 HIGH |
| Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions. | |||||
| CVE-2023-28061 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-21 | N/A | 5.1 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-28060 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-21 | N/A | 5.1 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-28059 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-11-21 | N/A | 5.1 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||