8 matches found
CVE-2019-3744
Dell/Alienware Digital Delivery (DLL/Alienware Digital Delivery) prior to version 4.0.41 is affected by a local privilege-escalation vulnerability. A non-privileged attacker can exploit a race condition and a path-traversal in the install software package feature of a Universal Windows Platform a...
CVE-2019-3742
Dell/Alienware Digital Delivery (and Dell Digital Delivery) versions prior to 3.5.2013 are affected by a local privilege-escalation vulnerability. A non-privileged attacker could abuse a named pipe that deserializes binaries via a process hollowing technique to execute code with elevated privileg...
CVE-2020-5342
Dell Digital Delivery prior to version 3.5.2015 contains an incorrect default permissions vulnerability. A locally authenticated, low-privileged user could exploit this to run an arbitrary executable with administrative privileges on the affected system. Affected products/versions are stated in t...
CVE-2024-0155
Dell Digital Delivery before version 5.2.0.0 contains a Use After Free vulnerability rooted in memory management, exploitable by a local, low-privilege attacker to crash the application or execute arbitrary code. Affected software is Dell Digital Delivery ( Dell ). Remediation: upgrade to 5.2.0.0...
CVE-2023-32470
Dell Digital Delivery is affected by an Insecure Operation on Windows Junction / Mount Point vulnerability in versions prior to 5.0.82.0. A local attacker could create arbitrary folders, potentially causing permanent Denial of Service (DOS). Affected product/version: Dell Digital Delivery before ...
CVE-2018-11072
Dell Digital Delivery prior to version 3.5.1 is affected by a DLL injection vulnerability that can enable a local authenticated attacker, with knowledge of the application workflow, to load and execute a malicious DLL with administrator privileges. The issue stems from how the vulnerable DLL is l...
CVE-2024-0156
Dell Digital Delivery is affected in versions prior to 5.2.0.0 by a buffer overflow caused by improper input length/size validation. A local, low-privilege attacker could potentially achieve arbitrary code execution and privilege escalation . The vulnerability is documented with a fix to upgrade ...
CVE-2025-38739
Dell Digital Delivery, before version 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability that can allow a remote, unauthenticated attacker to cause Information Disclosure. The flaw affects Dell Digital Delivery software and stems from inadequate credential protection as descr...