Vulnerabilities > Dell

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2023-28063 Incorrect Conversion between Numeric Types vulnerability in Dell products
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability.
local
low complexity
dell CWE-681
4.4
2024-02-06 CVE-2023-32451 Improper Privilege Management vulnerability in Dell Display Manager 2.0.0/2.1.0/2.1.1
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation
local
low complexity
dell CWE-269
7.8
2024-02-06 CVE-2023-32454 Link Following vulnerability in Dell Update Package Framework 3.8.3.67
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability.
local
low complexity
dell CWE-59
7.1
2024-02-06 CVE-2023-32474 Link Following vulnerability in Dell Display Manager 2.0.0/2.1.0/2.1.1
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point.
local
low complexity
dell CWE-59
6.6
2024-02-06 CVE-2023-32479 Unspecified vulnerability in Dell products
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory.
local
low complexity
dell
7.8
2024-02-06 CVE-2023-25543 Improper Handling of Exceptional Conditions vulnerability in Dell Power Manager 3.10/3.11/3.3
Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service.
local
low complexity
dell CWE-755
7.8
2024-02-06 CVE-2023-28049 Improper Privilege Management vulnerability in Dell Command | Monitor 10.9
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability.
local
low complexity
dell CWE-269
7.1
2024-02-06 CVE-2024-22433 Unspecified vulnerability in Dell Data Protection Search
Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search.
network
low complexity
dell
critical
9.8
2024-02-02 CVE-2020-29504 Improper Certificate Validation vulnerability in Dell products
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability.
network
low complexity
dell CWE-295
critical
9.8
2024-02-02 CVE-2021-21575 Information Exposure Through Discrepancy vulnerability in Dell Bsafe Micro-Edition-Suite
Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.
network
low complexity
dell CWE-203
critical
9.8