16 matches found
EUVD-2019-13352
Malware in sbrugna...
EUVD-2022-27713
Malicious code in bioql PyPI...
Dell Command Configure Elevation of Privilege Vulnerability
Dell Command Configure is a Dell application that provides configuration capabilities for business client platforms. Dell Command Configure version 4.8 and prior versions contain an elevation of privilege vulnerability that stems from incorrect folder permissions, which could be exploited to modi...
Dell Client 安全漏洞
The Dell Client platforms are a client platform from Dell USA. A security vulnerability exists in Dell Client, which stems from an incorrect access control vulnerability in the Realtek audio driver, where a malicious, locally authenticated user may be able to elevate system privileges by waiting...
CVE-2022-22566
Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access DMA vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device...
CVE-2022-22567
Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware...
CVE-2022-22567
CVE-2022-22567 affects Dell Client Commercial (and Consumer) platforms and is caused by insufficient verification of data authenticity, enabling an authenticated attacker to install modified BIOS firmware. The connected records confirm the vulnerability targets Dell client platforms and involve B...
CVE-2022-22566
Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access DMA vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device...
CVE-2022-22567
Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware...
CVE-2020-5343
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder...
Design/Logic Flaw
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder...
Authentication flaw
Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology iRST Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settin...
CVE-2020-5326
Dell Client platforms are affected by a BIOS Setup authentication bypass in the pre-boot iRST Manager menu. The issue allows an attacker with physical access to change BIOS Setup configuration by selecting Optimized Defaults without entering the BIOS Admin password. Root cause and affected compon...
CVE-2019-3726
An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package DUP Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. Dell Update Package DUP Framework file versions prior to 3.8.3.67 used in Dell...
CVE-2019-3726
CVE-2019-3726 describes an Uncontrolled Search Path vulnerability in the Dell Update Package (DUP) Framework. Affected are: DUP Framework file versions before 19.1.0.413 and 103.4.6.69 (Dell EMC Servers) and DUP Framework file versions before 3.8.3.67 (Dell Client Platforms). The flaw is limited ...
CVE-2019-3726
An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package DUP Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. Dell Update Package DUP Framework file versions prior to 3.8.3.67 used in Dell...