Security
Headlines
HeadlinesLatestCVEs

Tag

#dell

SASE Market to Exceed Over $60B Between 2022 and 2027, According to Dell'Oro Group

DARKReading
Open in Source
#vulnerability#mac#git#dell
Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities

Microsoft on Tuesday released security updates to address 75 flaws spanning its product portfolio, three of which have come under active exploitation in the wild. The updates are in addition to 22 flaws the Windows maker patched in its Chromium-based Edge browser over the past month. Of the 75 vulnerabilities, nine are rated Critical and 66 are rated Important in severity. 37 out of 75 bugs are

CVE-2022-22564: DSA-2022-021: Dell Unity, Dell UnityVSA, and Dell Unity XT Security Update for Multiple Vulnerabilities

Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.

CVE-2022-4286: Cyber Security | B&R Industrial Automation

A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session.

CVE-2023-24572: DSA-2023-032: Dell Command | Integration Suite for System Center Security Update for an Arbitrary Folder Deletion Vulnerability

Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.

CVE-2023-23697: DSA-2023-030: Dell Command | Intel vPro Out of Band Security Update for an Arbitrary Folder Deletion Vulnerability

Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.

CVE-2022-46755: DSA-2022-329: Dell Wyse Management Suite Security Update for Multiple Vulnerabilities

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized.

CVE-2022-34404: DSA-2022-254: Dell System Update (DSU) Security Update for a Self-Signed Certificate Vulnerability

Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service.

CVE-2022-34451: DSA-2022-283: PowerPath Management Appliance Security Update for Multiple Security Vulnerabilities

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to the server.