Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-14 | CVE-2023-44294 | SQL Injection vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. | 6.5 |
| 2024-02-14 | CVE-2023-25535 | Unspecified vulnerability in Dell Supportassist for Home PCS Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). | 6.5 |
| 2024-02-14 | CVE-2023-39249 | Unspecified vulnerability in Dell Supportassist for Home PCS 3.4.0 Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. | 5.3 |
| 2024-02-14 | CVE-2023-44293 | SQL Injection vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially lead to unintentional information disclosure from the product database. | 6.5 |
| 2024-02-14 | CVE-2024-22455 | Authorization Bypass Through User-Controlled Key vulnerability in Dell E-Lab Navigator 3.1.9/3.2.0 Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. | 4.6 |
| 2024-02-12 | CVE-2024-0169 | Cross-site Scripting vulnerability in Dell Unity Operating Environment Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. | 5.4 |
| 2024-02-12 | CVE-2024-22221 | SQL Injection vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120 Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. | 6.5 |
| 2024-02-12 | CVE-2024-22226 | Path Traversal vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120 Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its svc_supportassist utility. | 6.5 |
| 2024-02-12 | CVE-2024-22230 | Cross-site Scripting vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120 Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability. | 5.4 |
| 2024-02-10 | CVE-2023-28077 | Information Exposure vulnerability in Dell Bsafe Ssl-J Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. | 4.4 |