Lucene search
K

44 matches found

vulnrichment
vulnrichment
added 2023/10/05 10:11 a.m.15 views

CVE-2023-45159 1E Client installer can perform arbitrary file deletion on protected files

1E Client installer can perform arbitrary file deletion on protected files. A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. A hotfix is available from the 1E support...

8.4CVSS7.2AI score0.00222EPSS
Exploits0References1
cve
cve
added 2023/10/05 10:11 a.m.67 views

CVE-2023-45159

The CVE-2023-45159 issue affects 1E Client installer and allows an attacker with local access to cause arbitrary deletion of protected files by abusing a symbolic link or Windows junction to point the installer at a protected directory, which the client clears on service startup. Root cause: inst...

8.4CVSS8.4AI score0.00222EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2023/09/08 6:15 a.m.30 views

CVE-2023-32470

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service DOS...

5.5CVSS5.2AI score0.00154EPSS
Exploits0References1
prion
prion
added 2023/09/08 6:15 a.m.18 views

Design/Logic Flaw

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service DOS...

1.7CVSS5.5AI score0.00154EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/09/08 5:4 a.m.6 views

CVE-2023-32470

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service DOS...

5CVSS6.8AI score0.00154EPSS
Exploits0References1
cvelist
cvelist
added 2023/09/08 5:4 a.m.28 views

CVE-2023-32470

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service DOS...

5CVSS5.7AI score0.00154EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/09/07 12:0 a.m.9 views

PT-2023-6498 · Dell · Dell Digital Delivery

Name of the Vulnerable Software and Affected Versions: Dell Digital Delivery versions prior to 5.0.82.0 Description: The issue is related to an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitra...

5.5CVSS5.4AI score0.00154EPSS
Exploits0References8
osv
osv
added 2023/06/23 12:15 p.m.3 views

CVE-2023-28065

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

7.3CVSS5.8AI score0.00193EPSS
Exploits0References1
prion
prion
added 2023/06/23 12:15 p.m.21 views

Privilege escalation

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

4.1CVSS7.1AI score0.00193EPSS
Exploits0References1Affected Software3
osv
osv
added 2023/06/23 11:15 a.m.4 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

7.1CVSS5.9AI score0.00179EPSS
Exploits0References1
nvd
nvd
added 2023/06/23 11:15 a.m.24 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

7.1CVSS6.5AI score0.00179EPSS
Exploits0References1
prion
prion
added 2023/06/23 11:15 a.m.20 views

Design/Logic Flaw

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

3.2CVSS6.9AI score0.00179EPSS
Exploits0References1Affected Software3
cvelist
cvelist
added 2023/06/23 11:4 a.m.33 views

CVE-2023-28065

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

6.7CVSS7.4AI score0.00193EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/06/23 11:4 a.m.9 views

CVE-2023-28065

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

6.7CVSS6.8AI score0.00193EPSS
Exploits0References1
cvelist
cvelist
added 2023/06/23 10:37 a.m.38 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

6.3CVSS7.1AI score0.00179EPSS
Exploits0References1
cve
cve
added 2023/06/23 10:37 a.m.44 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point that could allow a local attacker to create arbitrary folders, leading to permanent Denial of Service. Exploitation is described as local, with no...

7.1CVSS6.9AI score0.00179EPSS
Exploits0References1Affected Software3
vulnrichment
vulnrichment
added 2023/06/23 10:37 a.m.12 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

6.3CVSS6.9AI score0.00179EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/06/23 12:0 a.m.5 views

PT-2023-21527 · Dell · Alienware Update +2

Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior Description: The issue is related to an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit thi...

7.3CVSS7.1AI score0.00193EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2023/06/23 12:0 a.m.5 views

PT-2023-21533 · Dell · Alienware Update +2

Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior Description: The issue is related to an Insecure Operation on Windows Junction / Mount Point, which could be exploited by a local malicious user to create...

7.1CVSS6.8AI score0.00179EPSS
Exploits0References3
nvd
nvd
added 2023/02/10 1:15 p.m.27 views

CVE-2023-23698

Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...

7.1CVSS6.1AI score0.00176EPSS
Exploits0References1
Rows per page
Query Builder