Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-26 | CVE-2024-25957 | Unspecified vulnerability in Dell Grab Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. | 5.5 |
| 2024-03-13 | CVE-2024-0163 | Unspecified vulnerability in Dell products Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. | 6.3 |
| 2024-03-01 | CVE-2023-48674 | Unspecified vulnerability in Dell products Dell Platform BIOS contains an Improper Null Termination vulnerability. | 4.9 |
| 2024-03-01 | CVE-2024-22458 | Unspecified vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.20.00.10 Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. | 5.3 |
| 2024-02-14 | CVE-2023-44294 | Unspecified vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. | 6.5 |
| 2024-02-14 | CVE-2023-25535 | Unspecified vulnerability in Dell Supportassist for Home PCS Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). | 6.5 |
| 2024-02-14 | CVE-2023-39249 | Unspecified vulnerability in Dell Supportassist for Home PCS 3.4.0 Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. | 5.3 |
| 2024-02-14 | CVE-2023-44293 | Unspecified vulnerability in Dell Secure Connect Gateway In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially lead to unintentional information disclosure from the product database. | 6.5 |
| 2024-02-14 | CVE-2024-22455 | Unspecified vulnerability in Dell E-Lab Navigator 3.1.9/3.2.0 Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. | 4.6 |
| 2024-02-12 | CVE-2024-0169 | Unspecified vulnerability in Dell Unity Operating Environment Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. | 5.4 |