Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2024-22428 Incorrect Default Permissions vulnerability in Dell EMC Idrac Service Module
Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system.
local
low complexity
dell CWE-276
7.8
7.8
2023-12-22 CVE-2023-48670 Untrusted Search Path vulnerability in Dell Supportassist for Home PCS 3.14.2.45116
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer.
local
low complexity
dell CWE-426
7.8
7.8
2023-12-14 CVE-2023-48671 Unspecified vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability.
network
low complexity
dell
7.5
7.5
2023-12-14 CVE-2023-44285 Unspecified vulnerability in Dell products
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an improper access control vulnerability.
local
low complexity
dell
7.8
7.8
2023-12-14 CVE-2023-48660 Path Traversal vulnerability in Dell products
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability.
network
low complexity
dell CWE-22
7.5
7.5
2023-12-14 CVE-2023-48662 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
7.2
2023-12-14 CVE-2023-48663 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
7.2
2023-12-14 CVE-2023-48664 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
7.2
2023-12-14 CVE-2023-48665 OS Command Injection vulnerability in Dell products
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability.
network
low complexity
dell CWE-78
7.2
7.2
2023-12-14 CVE-2023-48667 OS Command Injection vulnerability in Dell products
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI.
network
low complexity
dell CWE-78
7.2
7.2