311 matches found
PT-2022-6198 · Dell · Dell Alienware M17 R5 Bios
Name of the Vulnerable Software and Affected Versions: Dell Alienware m17 R5 BIOS versions prior to 1.2.2 Description: The issue is related to a buffer access vulnerability in the BIOS software of Dell Alienware m17 R5 laptops. A malicious user with admin privileges could potentially exploit this...
CVE-2022-24426
Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...
CVE-2022-24426
Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...
CVE-2022-24426
Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...
CVE-2022-24426
CVE-2022-24426 affects Dell Command Update, Dell Update, and Alienware Update (versions around 4.4.0) with a Local Privilege Escalation in the Advanced Driver Restore component. A local attacker could escalate privileges, per the NVD entry. Connected sources corroborate the impact and indicate th...
多款Dell产品代码问题漏洞
Dell Command Update and Dell Update and Alienware Update are both products of Dell, Inc.Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in Dell products.Dell Update and Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in...
CVE-2022-24426
Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...
CVE-2021-36277
Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...
Input validation
Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...
CVE-2021-36277
Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...
CVE-2021-36277
CVE-2021-36277 affects Dell Command | Update, Dell Update, and Alienware Update versions before 4.3. The root cause is Improper Verification of Cryptographic Signatures, enabling a local authenticated user to modify local configuration files and execute arbitrary code on the system. Affected prod...
PT-2021-21194 · Dell · Alienware Update +2
Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.3 Description: The issue is related to an improper verification of cryptographic signatures, allowing a local authenticated malicious user to exploit the vulnerabili...
Dell Command Update 数据伪造问题漏洞
Dell Command Update is a tool from Dell USA used to automatically update drivers, BIOS and firmware in Dell products. A data forgery vulnerability exists in Dell Command Update, Dell Update, and Alienware Update 4.3 and earlier versions. An attacker could exploit this vulnerability to modify loca...
Dell Digital Delivery and Alienware Digital Delivery Privilege Mobilization Vulnerability
Dell Digital Delivery and Alienware Digital Delivery are both Dell USA Inc. applications that are used exclusively for Dell computer equipment to purchase pre-installed software for computers online. An elevation of privilege vulnerability exists in Dell Digital Delivery and Alienware Digital...
Dell Digital Delivery and Alienware Digital Delivery power lift vulnerability (CNVD-2019-27450)
Dell Digital Delivery and Alienware Digital Delivery are both Dell USA Inc. applications that are used exclusively for Dell computer equipment to purchase pre-installed software for computers online. An elevation of privilege vulnerability exists in Dell Digital Delivery and Alienware Digital...
CVE-2019-3744
Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal explo...
CVE-2019-3744
Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal explo...
CVE-2019-3742
Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevat...
CVE-2019-3742
Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevat...
Race condition
Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal explo...