CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34366
https://notcve.org/view.php?id=CVE-2022-34366
Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. • https://www.dell.com/support/kbdoc/000204114 • CWE-697: Incorrect Comparison CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34364
https://notcve.org/view.php?id=CVE-2022-34364
Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. . • https://www.dell.com/support/kbdoc/en-us/000203275/dsa-2022-188-dell-bsafe-ssl-j-6-5-and-7-1-security-vulnerability • CWE-668: Exposure of Resource to Wrong Sphere CWE-1295: Debug Messages Revealing Unnecessary Information •
CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0CVE-2022-33934
https://notcve.org/view.php?id=CVE-2022-33934
Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields. • https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24569
https://notcve.org/view.php?id=CVE-2023-24569
Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system. • https://www.dell.com/support/kbdoc/en-us/000208327/dsa-2023-044 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24573
https://notcve.org/view.php?id=CVE-2023-24573
Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. • https://www.dell.com/support/kbdoc/en-us/000207973/dsa-2023-033 • CWE-264: Permissions, Privileges, and Access Controls •