Lucene search
+L

187 matches found

CNNVD
CNNVD
added 2022/04/01 12:0 a.m.5 views

多款Dell产品代码问题漏洞

Dell Command Update and Dell Update and Alienware Update are both products of Dell, Inc.Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in Dell products.Dell Update and Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in...

7.8CVSS7.5AI score0.00231EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/25 12:0 a.m.6 views

CVE-2022-24426

Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...

7.8CVSS7.1AI score0.00231EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/08/09 9:15 p.m.5 views

CVE-2021-36277

Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...

7.8CVSS7.3AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2021/08/09 9:15 p.m.18 views

CVE-2021-36277

Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...

7.8CVSS0.00171EPSS
Exploits0References1
Prion
Prion
added 2021/08/09 9:15 p.m.15 views

Input validation

Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...

7.2CVSS7.7AI score0.00171EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2021/08/09 9:5 p.m.20 views

CVE-2021-36277

Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...

7.8CVSS7.9AI score0.00171EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/08/09 12:0 a.m.6 views

PT-2021-21194 · Dell · Alienware Update +2

Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.3 Description: The issue is related to an improper verification of cryptographic signatures, allowing a local authenticated malicious user to exploit the vulnerabili...

7.8CVSS7.7AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/08/09 12:0 a.m.4 views

Dell Command Update 数据伪造问题漏洞

Dell Command Update is a tool from Dell USA used to automatically update drivers, BIOS and firmware in Dell products. A data forgery vulnerability exists in Dell Command Update, Dell Update, and Alienware Update 4.3 and earlier versions. An attacker could exploit this vulnerability to modify loca...

7.8CVSS7.7AI score0.00171EPSS
Exploits0References2
CNVD
CNVD
added 2019/12/09 12:0 a.m.6 views

Dell Command Configure Code Issue Vulnerability

Dell Command Configure is a Dell USA application that provides configuration capabilities for business client platforms. The program contains both a command line interface and a graphical user interface for configuring a variety of BIOS features. A code issue vulnerability exists in Dell Command...

7.1CVSS7.2AI score0.0034EPSS
Exploits0References1
OSV
OSV
added 2019/12/06 9:15 p.m.5 views

CVE-2019-18575

Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...

7.1CVSS5.8AI score0.0034EPSS
Exploits0References1
NVD
NVD
added 2019/12/06 9:15 p.m.32 views

CVE-2019-18575

Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...

7.1CVSS6.8AI score0.0034EPSS
Exploits0References1
Prion
Prion
added 2019/12/06 9:15 p.m.18 views

Design/Logic Flaw

Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...

6.6CVSS6.8AI score0.0034EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/12/06 8:40 p.m.160 views

CVE-2019-18575

Dell Command Configure before version 4.2.1 is affected by an uncontrolled search path vulnerability. A locally authenticated attacker could abuse a symlink to a target file to overwrite or corrupt a specified file on the system. Impact is file overwrite/corruption within the context of the user ...

7.1CVSS6.8AI score0.0034EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/12/06 8:40 p.m.32 views

CVE-2019-18575

Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...

7.1CVSS6.8AI score0.0034EPSS
Exploits0References1
Symantec
Symantec
added 2019/12/05 12:0 a.m.30 views

Dell Command Configure CVE-2019-18575 Arbitrary File Overwrite Vulnerability

Description Dell Command Configure is prone to an arbitrary file-overwrite vulnerability. Successful exploits may allow an attacker to write arbitrary files in the context of the user running the affected application. Dell Command Configure prior to 4.2.1 are vulnerable. Technologies Affected Del...

1.9AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/04 12:0 a.m.4 views

Dell Command Update Backlink Vulnerability

Dell Command Update is a tool from Dell USA for automating driver, BIOS and firmware updates in Dell products. A backlink vulnerability exists in versions prior to Dell Command Update 3.1, which can be exploited by a local attacker to delete arbitrary files by creating symbolic links...

5.6CVSS6.7AI score0.00319EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/04 12:0 a.m.2 views

Dell Command Update Arbitrary File Deletion Vulnerability

Dell Command Update is part of the Dell Client Command Suite and can be used to get all the latest driver, firmware and BIOS updates for Latitude, Optiplex and Precision systems. An arbitrary file deletion vulnerability exists in Dell Command Update versions prior to 3.1, which can be exploited b...

5.6CVSS6.8AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2019/12/03 9:15 p.m.20 views

CVE-2019-3749

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the...

5.6CVSS5.5AI score0.00319EPSS
Exploits0References1
OSV
OSV
added 2019/12/03 9:15 p.m.4 views

CVE-2019-3749

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the...

5.5CVSS6.3AI score0.00319EPSS
Exploits0References1
OSV
OSV
added 2019/12/03 9:15 p.m.4 views

CVE-2019-3750

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\IC\ICDebugLog.txt" to any targeted file...

5.5CVSS6.2AI score0.00319EPSS
Exploits0References1
Rows per page
Query Builder