This page lists publicly disclosed CVE vulnerabilities affecting dell digital_delivery (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-38739 | Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to Information Disclosure. | [email protected] | 7.2 | 0.37% | 2025-08-04 | 2025-08-18 |
| CVE-2024-0156 | Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. | [email protected] | 7.0 | 0.21% | 2024-03-04 | 2025-01-08 |
| CVE-2024-0155 | Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code. | [email protected] | 7.0 | 0.20% | 2024-03-04 | 2025-01-08 |
| CVE-2023-32470 | Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS). | [email protected] | 5.0 | 0.15% | 2023-09-08 | 2024-11-21 |
| CVE-2020-5342 | Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system. | [email protected] | 7.8 | 0.44% | 2020-03-09 | 2024-11-21 |
| CVE-2019-3744 | Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges. | [email protected] | 7.8 | 0.35% | 2019-08-09 | 2024-11-21 |
| CVE-2019-3742 | Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges. | [email protected] | 7.8 | 0.38% | 2019-08-09 | 2024-11-21 |
| CVE-2018-11072 | Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection Vulnerability. A local authenticated malicious user with advance knowledge of the application workflow could potentially load and execute a malicious DLL with administrator privileges. | [email protected] | 7.8 | 0.41% | 2018-10-02 | 2024-11-21 |