Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-32479 |
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in installed directory and taking reverse shell of the system leading to Privilege Escalation. Published: February 06, 2024; 3:15:51 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-32474 |
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion Published: February 06, 2024; 3:15:50 AM -0500 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0:(not available) |
CVE-2023-32454 |
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service Published: February 06, 2024; 3:15:49 AM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2023-32451 |
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation Published: February 06, 2024; 3:15:48 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-28063 |
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. Published: February 06, 2024; 3:15:46 AM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2024-22433 |
Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity, Protection, and remote takeover of the system. This is a high-severity vulnerability as it allows an attacker to take complete control of DP Search to affect downstream protected devices. Published: February 06, 2024; 2:15:11 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-52239 |
The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport. Published: February 06, 2024; 2:15:10 AM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-28049 |
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete. Published: February 06, 2024; 2:15:09 AM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2023-25543 |
Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to elevate privileges on the system. Published: February 06, 2024; 2:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-43536 |
Transient DOS while parse fils IE with length equal to 1. Published: February 06, 2024; 1:16:03 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-43535 |
Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger. Published: February 06, 2024; 1:16:03 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-43534 |
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. Published: February 06, 2024; 1:16:02 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-43533 |
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. Published: February 06, 2024; 1:16:02 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-43532 |
Memory corruption while reading ACPI config through the user mode app. Published: February 06, 2024; 1:16:02 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-43523 |
Transient DOS while processing 11AZ RTT management action frame received through OTA. Published: February 06, 2024; 1:16:02 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-43522 |
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. Published: February 06, 2024; 1:16:02 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-43520 |
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. Published: February 06, 2024; 1:16:01 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-43519 |
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. Published: February 06, 2024; 1:16:01 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-43518 |
Memory corruption in video while parsing invalid mp2 clip. Published: February 06, 2024; 1:16:01 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-43517 |
Memory corruption in Automotive Multimedia due to improper access control in HAB. Published: February 06, 2024; 1:16:01 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |