Filtered by vendor Dell Subscriptions
Filtered by product Digital Delivery Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-32470 1 Dell 1 Digital Delivery 2024-11-21 5 Medium
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
CVE-2020-5342 1 Dell 1 Digital Delivery 2024-11-21 7.8 High
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.
CVE-2019-3744 1 Dell 1 Digital Delivery 2024-11-21 7.8 High
Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges.
CVE-2019-3742 1 Dell 1 Digital Delivery 2024-11-21 7.8 High
Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges.
CVE-2018-11072 1 Dell 1 Digital Delivery 2024-11-21 N/A
Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection Vulnerability. A local authenticated malicious user with advance knowledge of the application workflow could potentially load and execute a malicious DLL with administrator privileges.