ByteOS Network

Type	CWE ID	Description
text	N/A	n/a

Hyperlink	Resource
http://jvn.jp/en/jp/JVN90135579/index.html	third-party-advisory x_refsource_JVN
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176	third-party-advisory x_refsource_JVNDB
http://www.securitytracker.com/id/1034092	vdb-entry x_refsource_SECTRACK

Hyperlink	Resource
http://jvn.jp/en/jp/JVN90135579/index.html	third-party-advisory x_refsource_JVN x_transferred
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176	third-party-advisory x_refsource_JVNDB x_transferred
http://www.securitytracker.com/id/1034092	vdb-entry x_refsource_SECTRACK x_transferred

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE ID	Type	Source
CWE-20	Primary	nvd@nist.gov

Hyperlink	Source	Resource
http://jvn.jp/en/jp/JVN90135579/index.html	vultures@jpcert.or.jp	Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176	vultures@jpcert.or.jp	Vendor Advisory
http://www.securitytracker.com/id/1034092	vultures@jpcert.or.jp	N/A
http://jvn.jp/en/jp/JVN90135579/index.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.securitytracker.com/id/1034092	af854a3a-2127-422b-91ae-364da2661108	N/A

CVE-2024-22429

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.05% / 14.27%

||

7 Day CHG~0.00%

Published-17 May, 2024 | 15:20

Updated-30 Jan, 2025 | 15:48

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-21532

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5||MEDIUM

EPSS-0.12% / 31.91%

||

7 Day CHG~0.00%

Published-02 Apr, 2021 | 21:20

Updated-16 Sep, 2024 | 17:28

Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.

Vendor-Dell Inc.

Product-wyse_thinos Wyse Proprietary OS (ThinOS)

CWE ID-CWE-16

Not Available

CWE ID-CWE-20

Improper Input Validation

CVE-2023-43073

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-4.3||MEDIUM

EPSS-0.07% / 20.93%

||

7 Day CHG~0.00%

Published-05 Oct, 2023 | 17:52

Updated-19 Sep, 2024 | 18:19

Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data.

Vendor-Dell Inc.

Product-smartfabric_storage_software Dell SmartFabric Storage Software

CWE ID-CWE-20

Improper Input Validation

CVE-2024-0161

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.2||HIGH

EPSS-0.03% / 8.10%

||

7 Day CHG~0.00%

Published-13 Mar, 2024 | 16:04

Updated-04 Feb, 2025 | 17:29

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-32490

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 3.49%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 05:59

Updated-03 Apr, 2025 | 19:43

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

Product-edge_gateway_3000_firmware embedded_box_pc_3000_firmware edge_gateway_5000_firmware embedded_box_pc_3000 edge_gateway_3000 edge_gateway_5000 BIOS

CWE ID-CWE-20

Improper Input Validation

CVE-2013-0120

Matching Score-6

Assigner-CERT/CC

View Details

Matching Score-6

Assigner-CERT/CC

CVSS Score-7.8||HIGH

EPSS-0.47% / 63.68%

||

7 Day CHG~0.00%

Published-24 Feb, 2013 | 11:00

Updated-11 Apr, 2025 | 00:51

The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request.

Vendor-n/a Dell Inc.

Product-powerconnect_6248p n/a

CWE ID-CWE-20

Improper Input Validation

CVE-2023-32462

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-9.8||CRITICAL

EPSS-1.70% / 81.54%

||

7 Day CHG~0.00%

Published-15 Feb, 2024 | 12:42

Updated-24 Apr, 2025 | 15:14

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity.

Vendor-Dell Inc.

Product-smartfabric_os10 Dell SmartFabric OS10

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2023-32463

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-3.4||LOW

EPSS-0.17% / 38.30%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 07:51

Updated-08 Nov, 2024 | 16:31

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

Vendor-Dell Inc.

Product-vxrail_e665n_firmware vxrail_p580n_vcf vxrail_e560n vxrail_e560f_vcf vxrail_d560 vxrail_v470 vxrail_g560f_vcf vxrail_g560f vxrail_e660f vxrail_s670 vxrail_p570_vcf vxrail_d560_firmware vxrail_p570_vcf_firmware vxrail_vd-4000r_firmware vxrail_s570 vxrail_v570f_vcf_firmware vxrail_e560n_vcf vxrail_p675n vxrail_p570f_firmware vxrail_p570f_vcf_firmware vxrail_p670n vxrail_s570_firmware vxrail_vd-4000z vxrail_e560f_vcf_firmware vxrail_p570f_vcf vxrail_v570f vxrail_e665f_firmware vxrail_p675f vxrail_p570_firmware vxrail_s470_firmware vxrail_e665f vxrail_p470 vxrail_p670f vxrail_e560_vcf_firmware vxrail_e560f_firmware vxrail_e660n vxrail_s670_firmware vxrail_p670n_firmware vxrail_v570f_firmware vxrail_v570_vcf vxrail_vd-4000r vxrail_s570_vcf_firmware vxrail_e560 vxrail_d560f_firmware vxrail_p670f_firmware vxrail_e660n_firmware vxrail_s570_vcf vxrail_e460_firmware vxrail_e660_firmware vxrail_v670f vxrail_e560f vxrail_v570f_vcf vxrail_vd-4520c vxrail_e560n_firmware vxrail_e560_vcf vxrail_g560_vcf_firmware vxrail_g560 vxrail_d560f vxrail_g560_vcf vxrail_p570 vxrail_g560f_vcf_firmware vxrail_vd-4000z_firmware vxrail_v570 vxrail_e665 vxrail_p570f vxrail_e660f_firmware vxrail_vd-4510c vxrail_vd-4000w vxrail_vd-4510c_firmware vxrail_p580n_vcf_firmware vxrail_v470_firmware vxrail_vd-4520c_firmware vxrail_p580n_firmware vxrail_v670f_firmware vxrail_v570_firmware vxrail_v570_vcf_firmware vxrail_e560n_vcf_firmware vxrail_g560f_firmware vxrail_p470_firmware vxrail_p580n vxrail_e665_firmware vxrail_g560_firmware vxrail_e660 vxrail_s470 vxrail_e665n vxrail_e560_firmware vxrail_p675n_firmware vxrail_vd-4000w_firmware vxrail_p675f_firmware vxrail_e460 Dell EMC VxRail Appliance

CWE ID-CWE-20

Improper Input Validation

CVE-2024-0158

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.04% / 13.13%

||

7 Day CHG~0.00%

Published-02 Jul, 2024 | 06:20

Updated-01 Aug, 2024 | 17:41

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28026

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:23

Updated-04 Dec, 2024 | 14:43

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28034

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:08

Updated-07 Nov, 2024 | 21:47

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28061

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:19

Updated-08 Nov, 2024 | 16:51

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28056

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:46

Updated-08 Nov, 2024 | 14:06

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28032

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:59

Updated-08 Nov, 2024 | 14:08

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28027

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:04

Updated-08 Nov, 2024 | 14:08

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28054

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:06

Updated-08 Nov, 2024 | 15:13

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28031

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:11

Updated-07 Nov, 2024 | 21:36

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28030

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:43

Updated-08 Nov, 2024 | 14:06

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28050

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:25

Updated-07 Nov, 2024 | 21:09

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28040

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:48

Updated-08 Nov, 2024 | 14:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28060

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:17

Updated-07 Nov, 2024 | 21:26

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28059

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:16

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28042

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:22

Updated-08 Nov, 2024 | 16:50

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28035

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:34

Updated-08 Nov, 2024 | 16:32

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28036

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:01

Updated-08 Nov, 2024 | 14:08

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28041

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:25

Updated-08 Nov, 2024 | 16:32

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28044

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:20

Updated-07 Nov, 2024 | 21:09

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28039

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:51

Updated-08 Nov, 2024 | 14:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28052

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:02

Updated-08 Nov, 2024 | 16:10

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28028

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:56

Updated-08 Nov, 2024 | 14:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36335

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-4.3||MEDIUM

EPSS-0.43% / 61.60%

||

7 Day CHG~0.00%

Published-23 Nov, 2021 | 20:00

Updated-16 Sep, 2024 | 16:53

Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, leading to execution of arbitrary files on the server

Vendor-Dell Inc.

Product-emc_cloud_link CloudLink

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36343

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.88%

||

7 Day CHG~0.00%

Published-24 Jan, 2022 | 20:10

Updated-16 Sep, 2024 | 16:44

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-20

Improper Input Validation

CVE-2023-25937

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:40

Updated-08 Nov, 2024 | 14:06

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-24571

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.80%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 09:55

Updated-26 Feb, 2025 | 18:59

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

Vendor-Dell Inc.

Product-embedded_box_pc_3000_firmware embedded_box_pc_3000 Embedded Box PC 3000 , CPG BIOS

CWE ID-CWE-20

Improper Input Validation

CVE-2023-24569

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.58%

||

7 Day CHG~0.00%

Published-10 Feb, 2023 | 12:57

Updated-24 Mar, 2025 | 18:37

Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.

Vendor-Dell Inc.

Product-alienware_command_center Alienware Command Center (AWCC)

CWE ID-CWE-20

Improper Input Validation

CVE-2018-15778

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-0.04% / 10.64%

||

7 Day CHG~0.00%

Published-04 Feb, 2019 | 22:00

Updated-17 Sep, 2024 | 02:00

DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability

Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).

Vendor-Dell Inc.

Product-networking_os10 Dell Networking OS10

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28058

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:30

Updated-07 Nov, 2024 | 21:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28033

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:37

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28029

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:12

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2020-35169

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-9.1||CRITICAL

EPSS-0.18% / 40.42%

||

7 Day CHG~0.00%

Published-11 Jul, 2022 | 19:26

Updated-16 Sep, 2024 | 17:37

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.

Vendor-Oracle Corporation Dell Inc.

Product-http_server weblogic_server_proxy_plug-in bsafe_crypto-c-micro-edition database bsafe_micro-edition-suite security_service Dell BSAFE Crypto-C Micro Edition

CWE ID-CWE-347

Improper Verification of Cryptographic Signature

CWE ID-CWE-20

Improper Input Validation

CVE-2016-6645

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-1.34% / 79.23%

||

7 Day CHG~0.00%

Published-05 Oct, 2016 | 01:00

Updated-12 Apr, 2025 | 10:46

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class.

Vendor-n/a ELAN Microelectronics Corporation Dell Inc.

Product-solutions_enabler emc_unisphere unisphere n/a

CWE ID-CWE-20

Improper Input Validation

CVE-2024-25942

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-4.4||MEDIUM

EPSS-0.03% / 7.83%

||

7 Day CHG~0.00%

Published-19 Mar, 2024 | 07:52

Updated-04 Feb, 2025 | 17:32

Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-25938

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.21%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:13

Updated-07 Nov, 2024 | 21:31

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2020-5321

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.6||HIGH

EPSS-0.43% / 61.64%

||

7 Day CHG~0.00%

Published-19 Jul, 2021 | 21:30

Updated-17 Sep, 2024 | 03:54

Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an improper input validation vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to spawn tasks with elevated privileges.

Vendor-Dell Inc.

Product-emc_openmanage_enterprise-modular emc_openmanage_enterprise Dell OpenManage Enterprise

CWE ID-CWE-20

Improper Input Validation

CVE-2016-6646

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-9.8||CRITICAL

EPSS-3.93% / 87.86%

||

7 Day CHG~0.00%

Published-05 Oct, 2016 | 01:00

Updated-12 Apr, 2025 | 10:46

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class.

Vendor-n/a ELAN Microelectronics Corporation Dell Inc.

Product-solutions_enabler emc_unisphere unisphere n/a

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34460

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 3.49%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 05:25

Updated-03 Apr, 2025 | 19:38

Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34435

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-2.7||LOW

EPSS-0.04% / 8.71%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 11:07

Updated-03 Apr, 2025 | 19:43

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.

Vendor-Dell Inc.

Product-idrac9_firmware idrac9 Integrated Dell Remote Access Controller 9

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34443

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.90%

||

7 Day CHG~0.00%

Published-01 Feb, 2023 | 04:19

Updated-27 Mar, 2025 | 14:11

Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges.

Vendor-Dell Inc.

Product-rugged_control_center Rugged Control Center (RCC)

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34436

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-2.7||LOW

EPSS-0.04% / 8.71%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 11:15

Updated-03 Apr, 2025 | 18:07

Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.

Vendor-Dell Inc.

Product-idrac8_firmware idrac8 Integrated Dell Remote Access Controller 8

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34393

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.55%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 05:19

Updated-03 Apr, 2025 | 19:38

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2015-7770

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs