CVE-2024-22463
https://notcve.org/view.php?id=CVE-2024-22463
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information • https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2024-22452
https://notcve.org/view.php?id=CVE-2024-22452
Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation. • https://www.dell.com/support/kbdoc/en-us/000221414/dsa-2024-056 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2024-0155
https://notcve.org/view.php?id=CVE-2024-0155
Dell Digital Delivery, versions prior to 5.0.86.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code. Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code. • https://www.dell.com/support/kbdoc/en-us/000222292/dsa-2024-033 • CWE-416: Use After Free •
CVE-2024-0156
https://notcve.org/view.php?id=CVE-2024-0156
Dell Digital Delivery, versions prior to 5.0.86.0, contain a Buffer Overflow vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. • https://www.dell.com/support/kbdoc/en-us/000222536/dsa-2024-032-security-update-for-dell-digital-delivery-for-a-buffer-overflow-vulnerability • CWE-122: Heap-based Buffer Overflow •
CVE-2024-24903
https://notcve.org/view.php?id=CVE-2024-24903
Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change. • https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •