4 results (0.014 seconds)

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0

Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion La aplicación Dell Display Manager, versión 2.1.1.17 y anteriores, contiene una operación no segura en el punto de unión/montaje de Windows. Un usuario malintencionado local podría explotar esta vulnerabilidad durante la instalación, lo que provocaría la eliminación de archivos o carpetas arbitrarias. • https://www.dell.com/support/kbdoc/en-us/000215216/dsa-2023-182-dell • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-1386: Insecure Operation on Windows Junction / Mount Point •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation La aplicación Dell Display Manager, versión 2.1.1.17, contiene una vulnerabilidad que permite a usuarios con privilegios bajos ejecutar código malicioso durante la instalación y desinstalación. • https://www.dell.com/support/kbdoc/en-us/000215216/dsa-2023-182-dell • CWE-269: Improper Privilege Management CWE-272: Least Privilege Violation •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges. • https://www.dell.com/support/kbdoc/en-uk/000211727/dsa-2023 • CWE-272: Least Privilege Violation •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges. • https://www.dell.com/support/kbdoc/en-us/000211727/dsa-2023 • CWE-272: Least Privilege Violation •