Vulnerabilities > Dell > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-28969 Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API (if enabled by Admin user from UI).
network
low complexity
dell
4.3
2024-06-13 CVE-2024-32856 Unspecified vulnerability in Dell products
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component.
local
low complexity
dell
6.0
2024-06-12 CVE-2024-0160 Unspecified vulnerability in Dell products
Dell Client Platform contains an incorrect authorization vulnerability.
low complexity
dell
6.8
2024-06-12 CVE-2024-28970 Unspecified vulnerability in Dell products
Dell Client BIOS contains an Out-of-bounds Write vulnerability.
local
low complexity
dell
4.4
2024-05-01 CVE-2024-28978 Unspecified vulnerability in Dell Openmanage Enterprise 3.10/4.0
Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability.
network
low complexity
dell
6.5
2024-05-01 CVE-2024-28979 Unspecified vulnerability in Dell Openmanage Enterprise 3.5/3.6.1/3.8.4
Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability.
network
low complexity
dell
4.8
2024-03-01 CVE-2024-22458 Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.20.00.10
Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability.
network
low complexity
dell
5.3
2024-02-14 CVE-2023-44294 Unspecified vulnerability in Dell Secure Connect Gateway
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API.
network
low complexity
dell
6.5
2024-02-14 CVE-2023-25535 Unspecified vulnerability in Dell Supportassist for Home PCS
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE).
local
low complexity
dell
6.5
2024-02-14 CVE-2023-39249 Unspecified vulnerability in Dell Supportassist for Home PCS 3.4.0
Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC.
local
low complexity
dell
5.3