cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2023-28065,https://securityvulnerability.io/vulnerability/CVE-2023-28065,," Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation. ",Dell,Dell Command Update (dcu),6.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-06-23T12:15:00.000Z,0 CVE-2023-28071,https://securityvulnerability.io/vulnerability/CVE-2023-28071,," Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). ",Dell,Dell Command Update (dcu),6.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-06-23T11:15:00.000Z,0 CVE-2023-23697,https://securityvulnerability.io/vulnerability/CVE-2023-23697,,"Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. ",Dell,Dell Command Update (DCU),3.3,LOW,0.0004400000034365803,false,false,false,false,,false,false,2023-02-13T08:15:00.000Z,0 CVE-2023-23698,https://securityvulnerability.io/vulnerability/CVE-2023-23698,Insecure Operation Vulnerability in Dell Command | Update and Alienware Update Products,"Versions of Dell Command | Update, Dell Update, and Alienware Update prior to 4.6.0 and 4.7.1 are susceptible to an insecure operation vulnerability in their installer component. This flaw may allow a local attacker to manipulate file operations, potentially leading to unauthorized deletion of files on the system. Users of these products are advised to update to the specified versions to mitigate risks associated with this vulnerability.",Dell,Dell Command Update (DCU),7.1,HIGH,0.0004400000034365803,false,true,false,false,,false,false,2023-02-10T13:15:00.000Z,0 CVE-2022-34458,https://securityvulnerability.io/vulnerability/CVE-2022-34458,," Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the disclosure of confidential data. ",Dell,Dell Command Update (dcu),6.6,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-02-01T04:34:57.753Z,0 CVE-2022-34459,https://securityvulnerability.io/vulnerability/CVE-2022-34459,Improper Verification of Cryptographic Signature in Dell Software Products,"An issue exists in Dell Command | Update, Dell Update, and Alienware Update versions before 4.7, where improper verification of cryptographic signatures in the 'get applicable driver' component could allow a local malicious user to exploit this vulnerability, potentially executing unauthorized and harmful payloads on the affected systems.",Dell,Dell Command Update (dcu),7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2023-02-01T04:28:20.334Z,0 CVE-2022-34382,https://securityvulnerability.io/vulnerability/CVE-2022-34382,,"Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges.",Dell,Dell Command Update (dcu),7.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2022-09-02T18:15:00.000Z,0 CVE-2022-24426,https://securityvulnerability.io/vulnerability/CVE-2022-24426,,"Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.",Dell,Dell Command Update (dcu),7.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2022-04-01T20:15:00.000Z,0 CVE-2019-3749,https://securityvulnerability.io/vulnerability/CVE-2019-3749,,"Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the ""Temp\ICProgress\Dell_InventoryCollector_Progress.xml"" to any targeted file. This issue occurs because permissions on the Temp directory were set incorrectly.",Dell,Dell Command Update (dcu),5.6,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2019-12-03T00:00:00.000Z,0 CVE-2019-3750,https://securityvulnerability.io/vulnerability/CVE-2019-3750,,"Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the ""Temp\IC\ICDebugLog.txt"" to any targeted file. This issue occurs because of insecure handling of Temp directory permissions that were set incorrectly.",Dell,Dell Command Update (dcu),5.6,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2019-12-03T00:00:00.000Z,0