Lucene search
K

199 matches found

NVD
NVD
added 2023/09/08 6:15 a.m.26 views

CVE-2023-32470

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service DOS...

5.5CVSS5.2AI score0.00154EPSS
Exploits0References1
Prion
Prion
added 2023/09/08 6:15 a.m.18 views

Design/Logic Flaw

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service DOS...

1.7CVSS5.5AI score0.00154EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/08 5:4 a.m.6 views

CVE-2023-32470

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service DOS...

5CVSS6.8AI score0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/08 5:4 a.m.27 views

CVE-2023-32470

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service DOS...

5CVSS5.7AI score0.00154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/07 12:0 a.m.8 views

PT-2023-6498 · Dell · Dell Digital Delivery

Name of the Vulnerable Software and Affected Versions: Dell Digital Delivery versions prior to 5.0.82.0 Description: The issue is related to an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitra...

5.5CVSS5.4AI score0.00154EPSS
Exploits0References8
NVD
NVD
added 2023/06/23 12:15 p.m.27 views

CVE-2023-28065

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

7.3CVSS6.7AI score0.00193EPSS
Exploits0References1
Prion
Prion
added 2023/06/23 12:15 p.m.21 views

Privilege escalation

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

4.1CVSS7.1AI score0.00193EPSS
Exploits0References1Affected Software3
NVD
NVD
added 2023/06/23 11:15 a.m.23 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

7.1CVSS6.5AI score0.00179EPSS
Exploits0References1
Prion
Prion
added 2023/06/23 11:15 a.m.19 views

Design/Logic Flaw

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

3.2CVSS6.9AI score0.00179EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2023/06/23 11:4 a.m.32 views

CVE-2023-28065

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

6.7CVSS7.4AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 2023/06/23 11:4 a.m.47 views

CVE-2023-28065

Dell Command | Update, Dell Update, and Alienware Update (Windows) have versions 4.8.0 and earlier affected by an Insecure Operation on Windows Junction / Mount Point vulnerability. The root cause is an insecure operation involving Windows junctions/mount points, allowing a local attacker to esca...

7.3CVSS7.1AI score0.00193EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2023/06/23 10:37 a.m.44 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point that could allow a local attacker to create arbitrary folders, leading to permanent Denial of Service. Exploitation is described as local, with no...

7.1CVSS6.9AI score0.00179EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2023/06/23 10:37 a.m.37 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

6.3CVSS7.1AI score0.00179EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/17 12:0 a.m.22 views

Trend Micro Apex One Security Agent Link Following Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

5.5CVSS6.2AI score0.00286EPSS
Exploits0References1
NVD
NVD
added 2023/03/22 7:15 p.m.35 views

CVE-2023-28114

cilium-cli is the command line interface to install, manage, and troubleshoot Kubernetes clusters running Cilium. Prior to version 0.13.2,cilium-cli, when used to configure cluster mesh functionality, can remove the enforcement of user permissions on the etcd store used to mirror local cluster...

4.8CVSS4.9AI score0.00192EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/03/22 6:30 p.m.7 views

CVE-2023-28114 `cilium-cli` disables etcd authorization for clustermesh clusters

cilium-cli is the command line interface to install, manage, and troubleshoot Kubernetes clusters running Cilium. Prior to version 0.13.2,cilium-cli, when used to configure cluster mesh functionality, can remove the enforcement of user permissions on the etcd store used to mirror local cluster...

4.8CVSS4.9AI score0.00192EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/03/22 12:0 a.m.5 views

Cilium 安全漏洞

Cilium is an open source software. It is used to provide and transparently secure network connectivity and load balancing between application workloads such as application containers or processes. Cilium A security vulnerability exists in versions prior to cilium-cli 0.13.2, which stems from the...

4.8CVSS5AI score0.00192EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/21 12:0 a.m.6 views

PT-2023-21573 · Etcd +1 · Etcd +1

Name of the Vulnerable Software and Affected Versions: cilium-cli versions prior to 0.13.2 Description: The issue arises when cilium-cli is used to configure cluster mesh functionality, potentially removing the enforcement of user permissions on the etcd store. This occurs due to an incorrect mou...

4.8CVSS7.1AI score0.00192EPSS
Exploits0References10
Zero Day Initiative
Zero Day Initiative
added 2023/02/24 12:0 a.m.22 views

Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS8.2AI score0.0039EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/02/24 12:0 a.m.28 views

Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS8.2AI score0.0039EPSS
Exploits0References1
Rows per page
Query Builder