Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-3742 | 1 Dell | 1 Digital Delivery | 2023-03-03 | 7.2 HIGH | 7.8 HIGH |
Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges. | |||||
CVE-2018-11072 | 1 Dell | 1 Digital Delivery | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection Vulnerability. A local authenticated malicious user with advance knowledge of the application workflow could potentially load and execute a malicious DLL with administrator privileges. | |||||
CVE-2019-3744 | 1 Dell | 1 Digital Delivery | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges. | |||||
CVE-2020-5342 | 1 Dell | 1 Digital Delivery | 2020-03-10 | 7.2 HIGH | 7.8 HIGH |
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system. |