Unity
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-22223 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's… | |||
| CVE-2024-22225 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges. | |||
| CVE-2024-22224 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. | |||
| CVE-2024-22228 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root… | |||
| CVE-2024-22227 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability execute commands with root privileges. | |||
| CVE-2024-0165 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges. | |||
| CVE-2024-0166 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands with elevated privileges. | |||
| CVE-2024-0167 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges. | |||
| CVE-2024-0169 | 0.00 | — | 0.00 | Feb 12, 2024 | Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. | |||
| CVE-2024-0170 | 0.00 | — | 0.01 | Feb 12, 2024 | Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.… | |||
| CVE-2014-5195 | 0.00 | — | 0.00 | Aug 7, 2014 | Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or… | |||
| CVE-2014-3204 | 0.00 | — | 0.00 | May 6, 2014 | Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2… | |||
| CVE-2014-3203 | 0.00 | — | 0.01 | May 6, 2014 | Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the… | |||
| CVE-2014-3202 | 0.00 | — | 0.00 | May 6, 2014 | Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash. |
- CVE-2024-22223Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's…
- CVE-2024-22225Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.
- CVE-2024-22224Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
- CVE-2024-22228Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root…
- CVE-2024-22227Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability execute commands with root privileges.
- CVE-2024-0165Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.
- CVE-2024-0166Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands with elevated privileges.
- CVE-2024-0167Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges.
- CVE-2024-0169Feb 12, 2024risk 0.00cvss —epss 0.00
Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
- CVE-2024-0170Feb 12, 2024risk 0.00cvss —epss 0.01
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.…
- CVE-2014-5195Aug 7, 2014risk 0.00cvss —epss 0.00
Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or…
- CVE-2014-3204May 6, 2014risk 0.00cvss —epss 0.00
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2…
- CVE-2014-3203May 6, 2014risk 0.00cvss —epss 0.01
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the…
- CVE-2014-3202May 6, 2014risk 0.00cvss —epss 0.00
Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash.