Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-19 | CVE-2024-25942 | Out-of-bounds Write vulnerability in Dell products Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. | 6.8 |
| 2024-03-13 | CVE-2024-0163 | Unspecified vulnerability in Dell products Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. | 6.3 |
| 2024-03-01 | CVE-2023-48674 | Unspecified vulnerability in Dell products Dell Platform BIOS contains an Improper Null Termination vulnerability. | 4.9 |
| 2024-03-01 | CVE-2024-22458 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.20.00.10 Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. | 5.3 |
| 2024-02-28 | CVE-2024-22459 | Unspecified vulnerability in Dell Elastic Cloud Storage Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions, contain an improper access control vulnerability. | 6.5 |
| 2024-02-14 | CVE-2023-44294 | Unspecified vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. | 6.5 |
| 2024-02-14 | CVE-2023-25535 | Unspecified vulnerability in Dell Supportassist for Home PCS Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). | 6.5 |
| 2024-02-14 | CVE-2023-39249 | Unspecified vulnerability in Dell Supportassist for Home PCS 3.4.0 Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. | 5.3 |
| 2024-02-14 | CVE-2023-44293 | Unspecified vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially lead to unintentional information disclosure from the product database. | 6.5 |
| 2024-02-14 | CVE-2024-22455 | Unspecified vulnerability in Dell E-Lab Navigator 3.1.9/3.2.0 Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. | 4.6 |