ByteOS Network

Type	CWE ID	Description
text	N/A	Web Parameter Tampering Vulnerability

Version	Base score	Base severity	Vector
3.0	9.1	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Hyperlink	Resource
https://www.dell.com/support/article/us/en/04/sln317441/dsa-2019-074-dell-emc-openmanage-server-administrator-multiple-vulnerabilities?lang=en	x_refsource_CONFIRM
http://www.securityfocus.com/bid/108685	vdb-entry x_refsource_BID

Hyperlink	Resource
https://www.dell.com/support/article/us/en/04/sln317441/dsa-2019-074-dell-emc-openmanage-server-administrator-multiple-vulnerabilities?lang=en	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/bid/108685	vdb-entry x_refsource_BID x_transferred

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.0	9.1	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Secondary	3.0	9.1	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Primary	2.0	6.4	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:P

CWE ID	Type	Source
CWE-20	Primary	nvd@nist.gov

Hyperlink	Source	Resource
http://www.securityfocus.com/bid/108685	security_alert@emc.com	Third Party Advisory
https://www.dell.com/support/article/us/en/04/sln317441/dsa-2019-074-dell-emc-openmanage-server-administrator-multiple-vulnerabilities?lang=en	security_alert@emc.com	Vendor Advisory

CVE-2023-32463

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-3.4||LOW

EPSS-0.17% / 38.31%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 07:51

Updated-08 Nov, 2024 | 16:31

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

Vendor-Dell Inc.

Product-vxrail_e665n_firmware vxrail_p580n_vcf vxrail_e560n vxrail_e560f_vcf vxrail_d560 vxrail_v470 vxrail_g560f_vcf vxrail_g560f vxrail_e660f vxrail_s670 vxrail_p570_vcf vxrail_d560_firmware vxrail_p570_vcf_firmware vxrail_vd-4000r_firmware vxrail_s570 vxrail_v570f_vcf_firmware vxrail_e560n_vcf vxrail_p675n vxrail_p570f_firmware vxrail_p570f_vcf_firmware vxrail_p670n vxrail_s570_firmware vxrail_vd-4000z vxrail_e560f_vcf_firmware vxrail_p570f_vcf vxrail_v570f vxrail_e665f_firmware vxrail_p675f vxrail_p570_firmware vxrail_s470_firmware vxrail_e665f vxrail_p470 vxrail_p670f vxrail_e560_vcf_firmware vxrail_e560f_firmware vxrail_e660n vxrail_s670_firmware vxrail_p670n_firmware vxrail_v570f_firmware vxrail_v570_vcf vxrail_vd-4000r vxrail_s570_vcf_firmware vxrail_e560 vxrail_d560f_firmware vxrail_p670f_firmware vxrail_e660n_firmware vxrail_s570_vcf vxrail_e460_firmware vxrail_e660_firmware vxrail_v670f vxrail_e560f vxrail_v570f_vcf vxrail_vd-4520c vxrail_e560n_firmware vxrail_e560_vcf vxrail_g560_vcf_firmware vxrail_g560 vxrail_d560f vxrail_g560_vcf vxrail_p570 vxrail_g560f_vcf_firmware vxrail_vd-4000z_firmware vxrail_v570 vxrail_e665 vxrail_p570f vxrail_e660f_firmware vxrail_vd-4510c vxrail_vd-4000w vxrail_vd-4510c_firmware vxrail_p580n_vcf_firmware vxrail_v470_firmware vxrail_vd-4520c_firmware vxrail_p580n_firmware vxrail_v670f_firmware vxrail_v570_firmware vxrail_v570_vcf_firmware vxrail_e560n_vcf_firmware vxrail_g560f_firmware vxrail_p470_firmware vxrail_p580n vxrail_e665_firmware vxrail_g560_firmware vxrail_e660 vxrail_s470 vxrail_e665n vxrail_e560_firmware vxrail_p675n_firmware vxrail_vd-4000w_firmware vxrail_p675f_firmware vxrail_e460 Dell EMC VxRail Appliance

CWE ID-CWE-20

Improper Input Validation

CVE-2023-32469

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.29%

||

7 Day CHG~0.00%

Published-16 Nov, 2023 | 08:14

Updated-02 Aug, 2024 | 15:18

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.

Vendor-Dell Inc.

Product-precision_5820_firmware precision_7820 precision_7920_firmware precision_7820_firmware precision_7920 precision_5820 Dell Precision 5820 Tower, Dell Precision 7820 Tower, Dell Precision 7920 Tower

CWE ID-CWE-20

Improper Input Validation

CVE-2023-32462

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-9.8||CRITICAL

EPSS-1.70% / 81.54%

||

7 Day CHG~0.00%

Published-15 Feb, 2024 | 12:42

Updated-24 Apr, 2025 | 15:14

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity.

Vendor-Dell Inc.

Product-smartfabric_os10 Dell SmartFabric OS10

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2023-32480

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-6.8||MEDIUM

EPSS-0.06% / 18.43%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:50

Updated-29 Nov, 2024 | 14:39

Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-32484

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-9.8||CRITICAL

EPSS-0.15% / 35.98%

||

7 Day CHG~0.00%

Published-15 Feb, 2024 | 12:49

Updated-23 Jan, 2025 | 16:59

Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability. A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. This is a Critical vulnerability affecting certain protocols, Dell recommends customers to upgrade at the earliest opportunity.

Vendor-Dell Inc.

Product-enterprise_sonic_distribution Enterprise SONiC OS enterprise_sonic_os

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36343

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.95%

||

7 Day CHG~0.00%

Published-24 Jan, 2022 | 20:10

Updated-16 Sep, 2024 | 16:44

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28039

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:51

Updated-08 Nov, 2024 | 14:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28026

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:23

Updated-04 Dec, 2024 | 14:43

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28029

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:12

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28061

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:19

Updated-08 Nov, 2024 | 16:51

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28056

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:46

Updated-08 Nov, 2024 | 14:06

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28054

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:06

Updated-08 Nov, 2024 | 15:13

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28060

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:17

Updated-07 Nov, 2024 | 21:26

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28035

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:34

Updated-08 Nov, 2024 | 16:32

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28059

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:16

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28040

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:48

Updated-08 Nov, 2024 | 14:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28050

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:25

Updated-07 Nov, 2024 | 21:09

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28034

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:08

Updated-07 Nov, 2024 | 21:47

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28058

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:30

Updated-07 Nov, 2024 | 21:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28036

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:01

Updated-08 Nov, 2024 | 14:08

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28031

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:11

Updated-07 Nov, 2024 | 21:36

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28033

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:37

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28042

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:22

Updated-08 Nov, 2024 | 16:50

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28052

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:02

Updated-08 Nov, 2024 | 16:10

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28030

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:43

Updated-08 Nov, 2024 | 14:06

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28032

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:59

Updated-08 Nov, 2024 | 14:08

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28028

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:56

Updated-08 Nov, 2024 | 14:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28041

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:25

Updated-08 Nov, 2024 | 16:32

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28044

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:20

Updated-07 Nov, 2024 | 21:09

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28027

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:04

Updated-08 Nov, 2024 | 14:08

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-25938

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.22%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:13

Updated-07 Nov, 2024 | 21:31

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-25936

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 08:56

Updated-08 Nov, 2024 | 16:10

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-24569

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.65%

||

7 Day CHG~0.00%

Published-10 Feb, 2023 | 12:57

Updated-24 Mar, 2025 | 18:37

Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.

Vendor-Dell Inc.

Product-alienware_command_center Alienware Command Center (AWCC)

CWE ID-CWE-20

Improper Input Validation

CVE-2023-24571

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.82%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 09:55

Updated-26 Feb, 2025 | 18:59

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

Vendor-Dell Inc.

Product-embedded_box_pc_3000_firmware embedded_box_pc_3000 Embedded Box PC 3000 , CPG BIOS

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36323

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.95%

||

7 Day CHG~0.00%

Published-12 Nov, 2021 | 22:15

Updated-17 Sep, 2024 | 02:02

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36321

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.39% / 59.02%

||

7 Day CHG~0.00%

Published-20 Nov, 2021 | 01:40

Updated-16 Sep, 2024 | 22:41

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending specially crafted data to trigger a denial of service.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36324

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.95%

||

7 Day CHG~0.00%

Published-12 Nov, 2021 | 22:15

Updated-16 Sep, 2024 | 18:13

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36335

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-4.3||MEDIUM

EPSS-0.43% / 61.61%

||

7 Day CHG~0.00%

Published-23 Nov, 2021 | 20:00

Updated-16 Sep, 2024 | 16:53

Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, leading to execution of arbitrary files on the server

Vendor-Dell Inc.

Product-emc_cloud_link CloudLink

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36283

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.95%

||

7 Day CHG~0.00%

Published-28 Sep, 2021 | 19:20

Updated-16 Sep, 2024 | 16:58

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36342

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.95%

||

7 Day CHG~0.00%

Published-24 Jan, 2022 | 20:10

Updated-16 Sep, 2024 | 18:34

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-20

Improper Input Validation

CVE-2016-6646

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-9.8||CRITICAL

EPSS-3.93% / 87.86%

||

7 Day CHG~0.00%

Published-05 Oct, 2016 | 01:00

Updated-12 Apr, 2025 | 10:46

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class.

Vendor-n/a ELAN Microelectronics Corporation Dell Inc.

Product-solutions_enabler emc_unisphere unisphere n/a

CWE ID-CWE-20

Improper Input Validation

CVE-2016-6645

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-1.34% / 79.25%

||

7 Day CHG~0.00%

Published-05 Oct, 2016 | 01:00

Updated-12 Apr, 2025 | 10:46

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class.

Vendor-n/a ELAN Microelectronics Corporation Dell Inc.

Product-solutions_enabler emc_unisphere unisphere n/a

CWE ID-CWE-20

Improper Input Validation

CVE-2018-15778

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-0.04% / 10.71%

||

7 Day CHG~0.00%

Published-04 Feb, 2019 | 22:00

Updated-17 Sep, 2024 | 02:00

DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability

Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).

Vendor-Dell Inc.

Product-networking_os10 Dell Networking OS10

CWE ID-CWE-20

Improper Input Validation

CVE-2023-25937

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.05%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:40

Updated-08 Nov, 2024 | 14:06

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2019-3760

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-6.4||MEDIUM

EPSS-0.17% / 38.27%

||

7 Day CHG~0.00%

Published-11 Sep, 2019 | 19:17

Updated-17 Sep, 2024 | 04:18

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a SQL Injection vulnerability in Workflow Architect. A remote authenticated malicious user could potentially exploit this vulnerability to execute SQL commands on the back-end database to gain unauthorized access to the data by supplying specially crafted input data to the affected application.

Vendor-Dell Inc.

Product-rsa_identity_governance_and_lifecycle rsa_via_lifecycle_and_governance RSA Via Lifecycle and Governance RSA Identity Governance and Lifecycle

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2021-36325

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.95%

||

7 Day CHG~0.00%

Published-12 Nov, 2021 | 22:15

Updated-16 Sep, 2024 | 20:31

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-21506

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-0.53% / 66.04%

||

7 Day CHG~0.00%

Published-08 Mar, 2021 | 21:44

Updated-16 Sep, 2024 | 16:29

PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vulnerability, leading to potential privileges escalation.

Vendor-Dell Inc.

Product-emc_powerscale_onefs PowerScale OneFS

CWE ID-CWE-20

Improper Input Validation

CVE-2016-0889

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-9.8||CRITICAL

EPSS-1.71% / 81.56%

||

7 Day CHG~0.00%

Published-15 Apr, 2016 | 14:00

Updated-12 Apr, 2025 | 10:46

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname.

Vendor-n/a Dell Inc.

Product-emc_unisphere n/a

CWE ID-CWE-20

Improper Input Validation

CVE-2025-26477

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-4.3||MEDIUM

EPSS-0.14% / 34.57%

||

7 Day CHG~0.00%

Published-17 Apr, 2025 | 11:45

Updated-01 Aug, 2025 | 21:00

Dell ECS version 3.8.1.4 and prior contain an Improper Input Validation vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

Vendor-Dell Inc.

Product-elastic_cloud_storage objectscale ECS

CWE ID-CWE-20

Improper Input Validation

CVE-2024-38483

Matching Score-6

Assigner-Dell

View Details

Matching Score-6

Assigner-Dell

CVSS Score-5.8||MEDIUM

EPSS-0.03% / 5.20%

||

7 Day CHG~0.00%

Published-14 Aug, 2024 | 09:24

Updated-18 Sep, 2024 | 19:19

Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2019-3723

Credits

Web Parameter Tampering Vulnerability

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs