CVE-2023-28076
https://notcve.org/view.php?id=CVE-2023-28076
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure. • https://www.dell.com/support/kbdoc/en-us/000212095/dsa-2023-121-dell-cloudlink-security-update-for-aes-gcm-ciphers-vulnerability • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2023-28068
https://notcve.org/view.php?id=CVE-2023-28068
Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path • https://www.dell.com/support/kbdoc/en-us/000212226/dsa-2023-133 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2023-25934
https://notcve.org/view.php?id=CVE-2023-25934
DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request. • https://www.dell.com/support/kbdoc/en-us/000212970/dsa-2023-109-dell-ecs-security-update-for-multiple-vulnerabilities • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2023-28070
https://notcve.org/view.php?id=CVE-2023-28070
Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation. • https://www.dell.com/support/kbdoc/en-us/000212277/dsa-2023-135 • CWE-284: Improper Access Control •
CVE-2023-28047
https://notcve.org/view.php?id=CVE-2023-28047
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges. • https://www.dell.com/support/kbdoc/en-uk/000211727/dsa-2023 • CWE-272: Least Privilege Violation •