cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-32476,https://securityvulnerability.io/vulnerability/CVE-2023-32476,Sensitive Data Exposure in Dell Hybrid Client Software,"Dell Hybrid Client version 2.0 is susceptible to a vulnerability that allows unauthenticated malicious users to access hard-coded secrets embedded within JavaScript files. This exposure can lead to unauthorized access to sensitive information, emphasizing the need for immediate remediation to safeguard user data.",Dell,Dell Hybrid Client (dhc),6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-07-20T14:15:00.000Z,0
CVE-2022-34430,https://securityvulnerability.io/vulnerability/CVE-2022-34430,Zip Bomb Vulnerability in Dell Hybrid Client Software,"Dell Hybrid Client versions prior to 1.8 are susceptible to a Zip Bomb vulnerability found in the user interface. This vulnerability allows an attacker with guest privileges to exploit the software, potentially leading to unauthorized modifications of system files. It's crucial for users to be aware of this security flaw to mitigate risks associated with such attacks.",Dell,Dell Hybrid Client (dhc),7.1,HIGH,0.0008399999933317304,false,,false,false,false,,,false,false,,2022-10-11T17:15:00.000Z,0
CVE-2022-34431,https://securityvulnerability.io/vulnerability/CVE-2022-34431,Guest User Profile Corruption Vulnerability in Dell Hybrid Client,"The Dell Hybrid Client software, specifically versions below 1.8, contains a vulnerability that allows for corruption of the guest user profile. An attacker with WMS privileges could exploit this weakness, rendering the DHC system inaccessible, which poses significant challenges for users reliant on the platform for seamless operation.",Dell,Dell Hybrid Client (dhc),6.5,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2022-10-11T17:15:00.000Z,0
CVE-2022-34432,https://securityvulnerability.io/vulnerability/CVE-2022-34432,Gedit Vulnerability in Dell Hybrid Client Affecting User Files and Folders,"Dell Hybrid Client versions below 1.8 are susceptible to a gedit vulnerability, which may enable guest attackers to delete important user and system files and folders. This security flaw poses a significant risk as it allows unauthorized manipulation of files, potentially leading to data loss and system compromise. Users are advised to update to the latest version to mitigate this security risk.",Dell,Dell Hybrid Client (dhc),7.3,HIGH,0.0008099999977275729,false,,false,false,false,,,false,false,,2022-10-11T17:15:00.000Z,0
CVE-2022-34429,https://securityvulnerability.io/vulnerability/CVE-2022-34429,Zip Slip Vulnerability in Dell Hybrid Client by Dell,Dell Hybrid Client versions prior to 1.8 are susceptible to a Zip Slip vulnerability that allows attackers with guest privileges to manipulate system files. This flaw poses a significant risk as it could lead to unauthorized changes in system configurations and data integrity. It is essential for users to apply the latest updates to mitigate this threat.,Dell,Dell Hybrid Client (dhc),6.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-09-30T20:15:00.000Z,0
CVE-2022-34428,https://securityvulnerability.io/vulnerability/CVE-2022-34428,Regular Expression Denial of Service Vulnerability in Dell Hybrid Client Software,"The Dell Hybrid Client prior to version 1.8 is vulnerable to a Regular Expression Denial of Service attack in its user interface. This weakness allows an attacker with WMS group admin access to exploit the vulnerability, potentially resulting in a temporary denial of service. Organizations using affected versions should prioritize upgrading their software to mitigate this security risk. For more information, refer to Dell's security update.",Dell,Dell Hybrid Client (dhc),5,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2022-09-30T20:15:00.000Z,0
CVE-2021-21534,https://securityvulnerability.io/vulnerability/CVE-2021-21534,,Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain access to sensitive information via the local API.,Dell,Dell Hybrid Client (dhc),4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-30T18:15:00.000Z,0
CVE-2021-21537,https://securityvulnerability.io/vulnerability/CVE-2021-21537,,Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to view and exfiltrate sensitive information on the system.,Dell,Dell Hybrid Client (dhc),6.2,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-30T18:15:00.000Z,0
CVE-2021-21536,https://securityvulnerability.io/vulnerability/CVE-2021-21536,,Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to register the client to a server in order to view sensitive information.,Dell,Dell Hybrid Client (dhc),6.2,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-30T18:15:00.000Z,0
CVE-2021-21535,https://securityvulnerability.io/vulnerability/CVE-2021-21535,,Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the system.,Dell,Dell Hybrid Client (dhc),7.4,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-30T18:15:00.000Z,0