VYPR

Digital Delivery

by Dell

CVEs (8)

  • CVE-2020-5342HigMar 9, 2020
    risk 0.51cvss 7.8epss 0.00

    Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.

  • CVE-2019-3744HigAug 9, 2019
    risk 0.51cvss 7.8epss 0.00

    Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a…

  • CVE-2019-3742HigAug 9, 2019
    risk 0.51cvss 7.8epss 0.00

    Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an…

  • CVE-2018-11072HigOct 2, 2018
    risk 0.51cvss 7.8epss 0.00

    Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection Vulnerability. A local authenticated malicious user with advance knowledge of the application workflow could potentially load and execute a malicious DLL with administrator privileges.

  • CVE-2025-38739HigAug 4, 2025
    risk 0.47cvss 7.2epss 0.00

    Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to Information Disclosure.

  • CVE-2024-0156HigMar 4, 2024
    risk 0.46cvss 7.0epss 0.00

    Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation.

  • CVE-2024-0155HigMar 4, 2024
    risk 0.46cvss 7.0epss 0.00

    Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code.

  • CVE-2023-32470MedSep 8, 2023
    risk 0.33cvss 5.0epss 0.00

    Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).