Filtered by vendor Dell
Subscribe
Total
1013 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-34436 | 1 Dell | 2 Idrac8, Idrac8 Firmware | 2024-02-28 | N/A | 4.9 MEDIUM |
Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. | |||||
CVE-2022-34401 | 1 Dell | 6 Alienware M15 A6, Alienware M15 A6 Firmware, Alienware M17 R5 and 3 more | 2024-02-28 | N/A | 7.5 HIGH |
Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM. | |||||
CVE-2022-34414 | 1 Dell | 160 C4130, C4130 Firmware, C4140 and 157 more | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. | |||||
CVE-2022-34400 | 1 Dell | 166 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 163 more | 2024-02-28 | N/A | 7.1 HIGH |
Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM. | |||||
CVE-2022-46752 | 1 Dell | 150 Inspiron 14 Plus 7420, Inspiron 14 Plus 7420 Firmware, Inspiron 14 Plus 7620 and 147 more | 2024-02-28 | N/A | 4.6 MEDIUM |
Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. | |||||
CVE-2022-34398 | 1 Dell | 478 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 475 more | 2024-02-28 | N/A | 7.0 HIGH |
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. | |||||
CVE-2022-34386 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-02-28 | N/A | 5.5 MEDIUM |
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. | |||||
CVE-2022-45101 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 9.8 CRITICAL |
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and remote execution. | |||||
CVE-2022-45103 | 1 Dell | 8 Emc Solutions Enabler Virtual Appliance, Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance and 5 more | 2024-02-28 | N/A | 6.5 MEDIUM |
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system. | |||||
CVE-2022-34440 | 1 Dell | 1 Emc Secure Connect Gateway Policy Manager | 2024-02-28 | N/A | 9.8 CRITICAL |
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges. | |||||
CVE-2022-45102 | 1 Dell | 5 Dp4400, Dp4400 Firmware, Dp5900 and 2 more | 2024-02-28 | N/A | 6.1 MEDIUM |
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections. | |||||
CVE-2023-24567 | 1 Dell | 1 Emc Networker | 2024-02-28 | N/A | 6.5 MEDIUM |
Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. | |||||
CVE-2022-34389 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-02-28 | N/A | 5.3 MEDIUM |
Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician. | |||||
CVE-2023-25544 | 1 Dell | 1 Emc Networker | 2024-02-28 | N/A | 6.5 MEDIUM |
Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks. | |||||
CVE-2022-34421 | 1 Dell | 160 C4130, C4130 Firmware, C4140 and 157 more | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. | |||||
CVE-2022-45099 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 7.8 HIGH |
Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. A malicious and privileged local attacker could potentially exploit this vulnerability, leading to a full system compromise | |||||
CVE-2022-34412 | 1 Dell | 160 C4130, C4130 Firmware, C4140 and 157 more | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. | |||||
CVE-2022-34393 | 1 Dell | 52 G5 Se 5505, G5 Se 5505 Firmware, Inspiron 27 7775 and 49 more | 2024-02-28 | N/A | 7.5 HIGH |
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
CVE-2022-46679 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 7.5 HIGH |
Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
CVE-2022-34460 | 1 Dell | 52 G5 Se 5505, G5 Se 5505 Firmware, Inspiron 27 7775 and 49 more | 2024-02-28 | N/A | 7.8 HIGH |
Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |