Filtered by vendor Dell
Subscribe
Total
1046 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-32461 | 1 Dell | 104 Emc Xc Core Xc450, Emc Xc Core Xc450 Firmware, Emc Xc Core Xc650 and 101 more | 2024-11-21 | N/A | 5.0 MEDIUM |
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges. | |||||
CVE-2023-32460 | 1 Dell | 252 Dss 8440, Dss 8440 Firmware, Emc Nx440 Firmware and 249 more | 2024-11-21 | N/A | 8.8 HIGH |
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation. | |||||
CVE-2023-32457 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | N/A | 7.5 HIGH |
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges. | |||||
CVE-2023-32455 | 1 Dell | 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more | 2024-11-21 | N/A | 5.5 MEDIUM |
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | |||||
CVE-2023-32454 | 1 Dell | 1 Update Package Framework | 2024-11-21 | N/A | 6.3 MEDIUM |
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service | |||||
CVE-2023-32453 | 1 Dell | 222 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 219 more | 2024-11-21 | N/A | 4.6 MEDIUM |
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator. | |||||
CVE-2023-32451 | 1 Dell | 1 Display Manager | 2024-11-21 | N/A | 7.3 HIGH |
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation | |||||
CVE-2023-32450 | 1 Dell | 1 Power Manager | 2024-11-21 | N/A | 6.1 MEDIUM |
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. | |||||
CVE-2023-32449 | 1 Dell | 11 Powerstore 1000t, Powerstore 1200t, Powerstore 3000t and 8 more | 2024-11-21 | N/A | 7.2 HIGH |
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks | |||||
CVE-2023-32448 | 1 Dell | 1 Powerpath | 2024-11-21 | N/A | 5.5 MEDIUM |
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems. | |||||
CVE-2023-32447 | 1 Dell | 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more | 2024-11-21 | N/A | 5.5 MEDIUM |
Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. A malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | |||||
CVE-2023-32446 | 1 Dell | 10 Latitude 3420, Latitude 3440, Latitude 5440 and 7 more | 2024-11-21 | N/A | 5.5 MEDIUM |
Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files. | |||||
CVE-2023-28080 | 1 Dell | 1 Powerpath | 2024-11-21 | N/A | 6.7 MEDIUM |
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. | |||||
CVE-2023-28079 | 1 Dell | 1 Powerpath | 2024-11-21 | N/A | 7.0 HIGH |
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains Insecure File and Folder Permissions vulnerability. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. | |||||
CVE-2023-28077 | 1 Dell | 1 Bsafe Ssl-j | 2024-11-21 | N/A | 4.4 MEDIUM |
Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. | |||||
CVE-2023-28076 | 1 Dell | 1 Cloudlink | 2024-11-21 | N/A | 5.9 MEDIUM |
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure. | |||||
CVE-2023-28075 | 1 Dell | 484 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 481 more | 2024-11-21 | N/A | 6.9 MEDIUM |
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. | |||||
CVE-2023-28073 | 1 Dell | 4 Latitude 5530, Latitude 5530 Firmware, Precision 3570 and 1 more | 2024-11-21 | N/A | 8.2 HIGH |
Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system. | |||||
CVE-2023-28072 | 1 Dell | 1 Alienware Command Center | 2024-11-21 | N/A | 7.8 HIGH |
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system. | |||||
CVE-2023-28071 | 2 Dell, Microsoft | 4 Alienware Update, Command Update, Update and 1 more | 2024-11-21 | N/A | 6.3 MEDIUM |
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). |