187 matches found
多款Dell产品代码问题漏洞
Dell Command Update and Dell Update and Alienware Update are both products of Dell, Inc.Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in Dell products.Dell Update and Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in...
CVE-2022-24426
Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...
CVE-2021-36277
Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...
CVE-2021-36277
Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...
Input validation
Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...
CVE-2021-36277
Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...
PT-2021-21194 · Dell · Alienware Update +2
Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.3 Description: The issue is related to an improper verification of cryptographic signatures, allowing a local authenticated malicious user to exploit the vulnerabili...
Dell Command Update 数据伪造问题漏洞
Dell Command Update is a tool from Dell USA used to automatically update drivers, BIOS and firmware in Dell products. A data forgery vulnerability exists in Dell Command Update, Dell Update, and Alienware Update 4.3 and earlier versions. An attacker could exploit this vulnerability to modify loca...
Dell Command Configure Code Issue Vulnerability
Dell Command Configure is a Dell USA application that provides configuration capabilities for business client platforms. The program contains both a command line interface and a graphical user interface for configuring a variety of BIOS features. A code issue vulnerability exists in Dell Command...
CVE-2019-18575
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...
CVE-2019-18575
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...
Design/Logic Flaw
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...
CVE-2019-18575
Dell Command Configure before version 4.2.1 is affected by an uncontrolled search path vulnerability. A locally authenticated attacker could abuse a symlink to a target file to overwrite or corrupt a specified file on the system. Impact is file overwrite/corruption within the context of the user ...
CVE-2019-18575
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...
Dell Command Configure CVE-2019-18575 Arbitrary File Overwrite Vulnerability
Description Dell Command Configure is prone to an arbitrary file-overwrite vulnerability. Successful exploits may allow an attacker to write arbitrary files in the context of the user running the affected application. Dell Command Configure prior to 4.2.1 are vulnerable. Technologies Affected Del...
Dell Command Update Backlink Vulnerability
Dell Command Update is a tool from Dell USA for automating driver, BIOS and firmware updates in Dell products. A backlink vulnerability exists in versions prior to Dell Command Update 3.1, which can be exploited by a local attacker to delete arbitrary files by creating symbolic links...
Dell Command Update Arbitrary File Deletion Vulnerability
Dell Command Update is part of the Dell Client Command Suite and can be used to get all the latest driver, firmware and BIOS updates for Latitude, Optiplex and Precision systems. An arbitrary file deletion vulnerability exists in Dell Command Update versions prior to 3.1, which can be exploited b...
CVE-2019-3749
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the...
CVE-2019-3749
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the...
CVE-2019-3750
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\IC\ICDebugLog.txt" to any targeted file...