Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-34424

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-28 Sep, 2022 | 20:30
Updated At-20 May, 2025 | 20:28
Rejected At-
Credits

Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:28 Sep, 2022 | 20:30
Updated At:20 May, 2025 | 20:28
Rejected At:
▼CVE Numbering Authority (CNA)

Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.

Affected Products
Vendor
Dell Inc.Dell
Product
Dell Networking OS10
Versions
Affected
  • From unspecified before 10.5.3.11 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787: Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787: Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities
x_refsource_MISC
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities
x_refsource_MISC
x_transferred
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:28 Sep, 2022 | 21:15
Updated At:30 Sep, 2022 | 02:18

Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Dell Inc.
dell
>>smartfabric_os10>>Versions from 10.5.1.0(inclusive) to 10.5.1.11(exclusive)
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>smartfabric_os10>>Versions from 10.5.2.0(inclusive) to 10.5.2.11(exclusive)
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>smartfabric_os10>>Versions from 10.5.3.0(inclusive) to 10.5.3.5(exclusive)
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-787Secondarysecurity_alert@emc.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-787
Type: Secondary
Source: security_alert@emc.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilitiessecurity_alert@emc.com
Vendor Advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities
Source: security_alert@emc.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

781Records found
CVE-2024-25966
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.51% / 65.50%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 07:07
Updated-09 Jan, 2025 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFSpowerscale_onefs
CWE ID-CWE-241
Improper Handling of Unexpected Data Type
CVE-2024-25964
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.44% / 62.21%
||
7 Day CHG~0.00%
Published-25 Mar, 2024 | 08:13
Updated-09 Jan, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFSpowerscale_onefs
CWE ID-CWE-385
Covert Timing Channel
CVE-2024-25954
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.64% / 69.60%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 18:38
Updated-09 Jan, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFSpowerscale_onefs
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2021-36321
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.39% / 58.99%
||
7 Day CHG~0.00%
Published-20 Nov, 2021 | 01:40
Updated-16 Sep, 2024 | 22:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending specially crafted data to trigger a denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-x1008px1018_firmwarex4012x1052p_firmwarex1008p_firmwarex1026x4012_firmwarex1026p_firmwarex1018p_firmwarex1018x1026px1008_firmwarex1052_firmwarex1052x1026_firmwarex1008x1018px1052pNetworking X-Series
CWE ID-CWE-20
Improper Input Validation
CVE-2015-0536
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-1.03% / 76.39%
||
7 Day CHG~0.00%
Published-20 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero, a similar issue to CVE-2015-1787.

Action-Not Available
Vendor-n/aDell Inc.
Product-bsafebsafe_ssl-cn/a
CVE-2023-44288
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.14% / 33.90%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 05:35
Updated-02 Aug, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-664
Improper Control of a Resource Through its Lifetime
CVE-2018-11054
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-2.35% / 84.27%
||
7 Day CHG~0.00%
Published-31 Aug, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

Action-Not Available
Vendor-Dell Inc.RSA Security LLCOracle Corporation
Product-timesten_in-memory_databasecommunications_ip_service_activatorcore_rdbmscommunications_analyticsbsafegoldengate_application_adaptersreal_user_experience_insightapplication_testing_suitejd_edwards_enterpriseone_toolsretail_predictive_application_serverenterprise_manager_ops_centersecurity_serviceBSAFE Micro Edition Suite
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-15769
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-1.57% / 80.78%
||
7 Day CHG~0.00%
Published-16 Nov, 2018 | 21:00
Updated-05 Aug, 2024 | 10:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value is sent to the TLS client, and an Ephemeral or Anonymous Diffie-Hellman cipher suite (DHE or ADH) is used.

Action-Not Available
Vendor-n/aOracle CorporationDell Inc.
Product-timesten_in-memory_databasecommunications_ip_service_activatorcore_rdbmscommunications_analyticsbsafegoldengate_application_adaptersreal_user_experience_insightapplication_testing_suitejd_edwards_enterpriseone_toolsretail_predictive_application_serverenterprise_manager_ops_centersecurity_servicen/a
CVE-2025-27694
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.13%
||
7 Day CHG~0.00%
Published-02 Apr, 2025 | 00:12
Updated-11 Jul, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-wyse_management_suiteWyse Management Suite
CWE ID-CWE-410
Insufficient Resource Pool
CVE-2025-26481
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.61%
||
7 Day CHG~0.00%
Published-15 May, 2025 | 19:03
Updated-11 Jul, 2025 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-26480
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.13%
||
7 Day CHG~0.00%
Published-10 Apr, 2025 | 02:22
Updated-11 Jul, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.0, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-34439
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.34% / 55.79%
||
7 Day CHG~0.00%
Published-21 Oct, 2022 | 18:05
Updated-07 May, 2025 | 14:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-4981
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.60% / 68.54%
||
7 Day CHG~0.00%
Published-14 Jun, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability.

Action-Not Available
Vendor-n/aDell Inc.
Product-bsafe_cert-cRSA BSAFE Cert-C RSA BSAFE Cert-C version 2.9.0.5
CWE ID-CWE-295
Improper Certificate Validation
CVE-2020-5372
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.6||HIGH
EPSS-0.66% / 70.21%
||
7 Day CHG~0.00%
Published-06 Jul, 2020 | 17:45
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerability that exposes test interface ports to external network. A remote unauthenticated attacker could potentially cause Denial of Service via test interface ports which are not used during run time environment.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstore_5000emc_powerstore_3000emc_powerstore_1000_firmwareemc_powerstore_9000emc_powerstore_7000_firmwareemc_powerstore_5000_firmwareemc_powerstore_7000emc_powerstore_1000emc_powerstore_9000_firmwareemc_powerstore_3000_firmwarePowerStore
CWE ID-CWE-1244
Internal Asset Exposed to Unsafe Debug Access Level or State
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-5360
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-1.80% / 82.05%
||
7 Day CHG~0.00%
Published-16 Dec, 2020 | 15:50
Updated-16 Sep, 2024 | 22:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems.

Action-Not Available
Vendor-Oracle CorporationDell Inc.
Product-http_serverweblogic_server_proxy_plug-indatabasebsafe_micro-edition-suitesecurity_serviceDell BSAFE Micro Edition Suite
CWE ID-CWE-127
Buffer Under-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-5347
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.54% / 66.48%
||
7 Day CHG~0.00%
Published-03 Apr, 2020 | 23:20
Updated-16 Sep, 2024 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses.

Action-Not Available
Vendor-Dell Inc.
Product-emc_isilon_onefsIsilon OneFS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-5319
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-1.06% / 76.75%
||
7 Day CHG~0.00%
Published-06 Feb, 2020 | 17:45
Updated-16 Sep, 2024 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability and cause a Denial of Service (Storage Processor Panic) by sending an out of order SSH protocol sequence.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_operating_environmentemc_unityvsa_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2022-24412
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.54% / 66.48%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 17:50
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-229
Improper Handling of Values
CVE-2022-23161
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.46% / 62.98%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 17:50
Updated-16 Sep, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2023-23689
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.66%
||
7 Day CHG~0.00%
Published-28 Feb, 2023 | 16:40
Updated-07 Mar, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-h600_firmwareh5600_firmwaref810h600a2000f810_firmwareh500h400a200_firmwareh5600a200h500_firmwaref800a2000_firmwareh400_firmwaref800_firmwarePowerScale OneFS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-39248
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.14% / 33.90%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 06:04
Updated-28 May, 2025 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network users. This is a high severity vulnerability as it allows an attacker to cause an outage of network. Dell recommends customers to upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-networking_os10Dell Networking OS10
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-24423
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.85% / 73.96%
||
7 Day CHG~0.00%
Published-21 Apr, 2022 | 20:50
Updated-16 Sep, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to cause resource exhaustion in the webserver, resulting in a denial of service condition.

Action-Not Available
Vendor-Dell Inc.
Product-integrated_dell_remote_access_controller_8_firmwareintegrated_dell_remote_access_controller_8Integrated Dell Remote Access Controller 8
CWE ID-CWE-20
Improper Input Validation
CVE-2004-0079
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.27% / 83.98%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Action-Not Available
Vendor-neoteristarantella4dstonesoftscosecurecomputingbluecoatliten/aAvaya LLCNovellSun Microsystems (Oracle Corporation)Symantec CorporationCisco Systems, Inc.Apple Inc.HP Inc.Check Point Software Technologies Ltd.Silicon Graphics, Inc.OpenBSDRed Hat, Inc.Dell Inc.FreeBSD FoundationOpenSSLVMware (Broadcom Inc.)
Product-wbemfirewall_services_moduleapplication_and_content_networking_softwareaaa_servers8700okena_stormwatchmac_os_xthreat_responseapache-based_web_serverpix_firewallpropacks8500provider-1call_managerciscoworks_common_management_foundationclientless_vpn_gateway_4400secure_content_acceleratorvsus8300stonebeat_fullclustergsx_serverfirewall-1access_registrarstonebeat_securityclustergss_4480_global_site_selectortarantella_enterprisestonegate_vpn_clientproxysgvpn-1mac_os_x_serverenterprise_linux_desktopmds_9000enterprise_linuxwebstaropenserverbsafe_ssl-jioswebnssg203css11000_content_services_switchopenssllinuxintuity_audixserverclustersg5openbsdsg208sg200cacheos_ca_sastonegateciscoworks_common_servicesgss_4490_global_site_selectorimanagerinstant_virtual_extranetedirectorysidewinderhp-uxconverged_communications_serverstonebeat_webclustercrypto_accelerator_4000speed_technologies_litespeed_web_serverfreebsdpix_firewall_softwarecontent_services_switch_11500css_secure_content_acceleratorn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-22562
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.02%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 17:50
Updated-17 Sep, 2024 | 03:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-229
Improper Handling of Values
CVE-2022-22556
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-3.7||LOW
EPSS-1.06% / 76.75%
||
7 Day CHG~0.00%
Published-02 Jun, 2022 | 21:00
Updated-17 Sep, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the Denial of Service.

Action-Not Available
Vendor-Dell Inc.
Product-powerstore_xpowerstore_tpowerstoreosPowerStore
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-32463
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-3.4||LOW
EPSS-0.17% / 38.30%
||
7 Day CHG~0.00%
Published-23 Jun, 2023 | 07:51
Updated-08 Nov, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

Action-Not Available
Vendor-Dell Inc.
Product-vxrail_e665n_firmwarevxrail_p580n_vcfvxrail_e560nvxrail_e560f_vcfvxrail_d560vxrail_v470vxrail_g560f_vcfvxrail_g560fvxrail_e660fvxrail_s670vxrail_p570_vcfvxrail_d560_firmwarevxrail_p570_vcf_firmwarevxrail_vd-4000r_firmwarevxrail_s570vxrail_v570f_vcf_firmwarevxrail_e560n_vcfvxrail_p675nvxrail_p570f_firmwarevxrail_p570f_vcf_firmwarevxrail_p670nvxrail_s570_firmwarevxrail_vd-4000zvxrail_e560f_vcf_firmwarevxrail_p570f_vcfvxrail_v570fvxrail_e665f_firmwarevxrail_p675fvxrail_p570_firmwarevxrail_s470_firmwarevxrail_e665fvxrail_p470vxrail_p670fvxrail_e560_vcf_firmwarevxrail_e560f_firmwarevxrail_e660nvxrail_s670_firmwarevxrail_p670n_firmwarevxrail_v570f_firmwarevxrail_v570_vcfvxrail_vd-4000rvxrail_s570_vcf_firmwarevxrail_e560vxrail_d560f_firmwarevxrail_p670f_firmwarevxrail_e660n_firmwarevxrail_s570_vcfvxrail_e460_firmwarevxrail_e660_firmwarevxrail_v670fvxrail_e560fvxrail_v570f_vcfvxrail_vd-4520cvxrail_e560n_firmwarevxrail_e560_vcfvxrail_g560_vcf_firmwarevxrail_g560vxrail_d560fvxrail_g560_vcfvxrail_p570vxrail_g560f_vcf_firmwarevxrail_vd-4000z_firmwarevxrail_v570vxrail_e665vxrail_p570fvxrail_e660f_firmwarevxrail_vd-4510cvxrail_vd-4000wvxrail_vd-4510c_firmwarevxrail_p580n_vcf_firmwarevxrail_v470_firmwarevxrail_vd-4520c_firmwarevxrail_p580n_firmwarevxrail_v670f_firmwarevxrail_v570_firmwarevxrail_v570_vcf_firmwarevxrail_e560n_vcf_firmwarevxrail_g560f_firmwarevxrail_p470_firmwarevxrail_p580nvxrail_e665_firmwarevxrail_g560_firmwarevxrail_e660vxrail_s470vxrail_e665nvxrail_e560_firmwarevxrail_p675n_firmwarevxrail_vd-4000w_firmwarevxrail_p675f_firmwarevxrail_e460Dell EMC VxRail Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2021-43588
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-4.3||MEDIUM
EPSS-0.52% / 65.83%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 20:10
Updated-16 Sep, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Data Protection Central version 19.5 contains an Improper Input Validation Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-emc_data_protection_centralData Protection Central
CWE ID-CWE-20
Improper Input Validation
CVE-2019-3721
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-4.3||MEDIUM
EPSS-0.61% / 68.71%
||
7 Day CHG~0.00%
Published-25 Apr, 2019 | 20:17
Updated-16 Sep, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Range Header Processing Vulnerability

Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a crash due to excessive memory consumption and preventing users from accessing the system.

Action-Not Available
Vendor-Dell Inc.
Product-emc_openmanage_server_administratorOpen Manage System Administrator
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-3728
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.60% / 68.43%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 21:48
Updated-22 May, 2025 | 16:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RSA BSAFE Crypto-C Micro Edition versions from 4.0.0.0 before 4.0.5.4 and from 4.1.0 before 4.1.4, RSA BSAFE Micro Edition Suite versions from 4.0.0 before 4.0.13 and from 4.1.0 before 4.4 and RSA Crypto-C versions from 6.0.0 through 6.4.* are vulnerable to an out-of-bounds read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system.

Action-Not Available
Vendor-Dell Inc.
Product-bsafe_crypto-c-micro-editionbsafe_micro-edition-suitebsafe_crypto-cRSA Crypto-CRSA BSAFE Crypto-C Micro EditionRSA BSAFE Micro Edition Suite
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-24574
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.58% / 67.97%
||
7 Day CHG~0.00%
Published-02 Feb, 2023 | 16:04
Updated-27 Mar, 2025 | 13:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users.

Action-Not Available
Vendor-Dell Inc.
Product-enterprise_sonic_distributionEnterprise SONiC OS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-37125
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.65%
||
7 Day CHG~0.00%
Published-26 Sep, 2024 | 17:01
Updated-25 Nov, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Softwaresmartfabric_os10
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-29172
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 10.80%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 01:32
Updated-19 Mar, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A remote attacker could potentially exploit this vulnerability, leading to a Denial of Service.

Action-Not Available
Vendor-Dell Inc.
Product-bsafe_ssl-jDell BSAFE SSL-J
CWE ID-CWE-667
Improper Locking
CWE ID-CWE-833
Deadlock
CVE-2022-46679
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.5||MEDIUM
EPSS-0.37% / 57.79%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 05:33
Updated-26 Mar, 2025 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-410
Insufficient Resource Pool
CVE-2020-26185
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.30%
||
7 Day CHG~0.00%
Published-01 Jun, 2022 | 14:25
Updated-17 Sep, 2024 | 00:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability.

Action-Not Available
Vendor-Oracle CorporationDell Inc.
Product-http_serverweblogic_server_proxy_plug-indatabasebsafe_micro-edition-suitesecurity_serviceDell BSAFE Micro Edition Suite
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-29490
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.56% / 67.16%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-16 Sep, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a Denial of Service vulnerability on NAS Servers with NFS exports. A remote authenticated attacker could potentially exploit this vulnerability and cause Denial of Service (Storage Processor Panic) by sending specially crafted UDP requests.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_vsa_operating_environmentemc_unity_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-28962
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 33.47%
||
7 Day CHG~0.00%
Published-06 Aug, 2024 | 03:59
Updated-19 Aug, 2024 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_updatecommand_updateupdateDell Update (DU)alienware_updatecommand_updateupdate
CWE ID-CWE-610
Externally Controlled Reference to a Resource in Another Sphere
CVE-2024-25948
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 5.89%
||
7 Day CHG~0.00%
Published-01 Aug, 2024 | 07:09
Updated-02 Aug, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module version 5.3.0.0 and prior, contain a Out of bound Write Vulnerability. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)emc_idrac_service_module
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-25942
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 7.79%
||
7 Day CHG~0.00%
Published-19 Mar, 2024 | 07:52
Updated-04 Feb, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-xc730xd_firmwarenx3230_firmwarepoweredge_fc430_firmwarexc430_firmwarepoweredge_r730xdpoweredge_r530poweredge_r630poweredge_r630_firmwarepoweredge_m830_\(pe_vrtx\)poweredge_r730xd_firmwarepoweredge_t630_firmwarepoweredge_c6320_firmwarepoweredge_fc630_firmwarepoweredge_fc430poweredge_m630xc6320_firmwarexc730_firmwarepoweredge_m830_firmwarepoweredge_t430poweredge_r730poweredge_fc630nx3230poweredge_r930_firmwarepoweredge_m630_\(pe_vrtx\)_firmwarenx3330poweredge_r830_firmwarepoweredge_r430_firmwarepoweredge_fc830poweredge_m830_\(pe_vrtx\)_firmwarenx3330_firmwarepoweredge_c4130poweredge_r830xc430poweredge_fc830_firmwarexc6320poweredge_c6320poweredge_r730_firmwarexc730xc730xdpoweredge_c4130_firmwarepoweredge_t430_firmwarepoweredge_r530_firmwarepoweredge_t630xc630_firmwarepoweredge_r430poweredge_m830xc630poweredge_m630_\(pe_vrtx\)poweredge_r930poweredge_m630_firmwarePowerEdge Platform
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-25947
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 5.89%
||
7 Day CHG~0.00%
Published-01 Aug, 2024 | 07:04
Updated-02 Aug, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module version 5.3.0.0 and prior, contain an Out of bound Read Vulnerability. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-22453
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.03% / 5.59%
||
7 Day CHG~0.00%
Published-19 Mar, 2024 | 07:42
Updated-04 Feb, 2025 | 17:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.

Action-Not Available
Vendor-Dell Inc.
Product-xc730xd_firmwarenx3230_firmwarepoweredge_fc430_firmwarexc430_firmwarepoweredge_r730xdpoweredge_r530poweredge_r630poweredge_r630_firmwarepoweredge_m830_\(pe_vrtx\)poweredge_r730xd_firmwarepoweredge_t630_firmwarepoweredge_c6320_firmwarepoweredge_fc630_firmwarepoweredge_fc430poweredge_m630xc6320_firmwarexc730_firmwarepoweredge_m830_firmwarepoweredge_t430poweredge_r730poweredge_fc630nx3230poweredge_r930_firmwarepoweredge_m630_\(pe_vrtx\)_firmwarenx3330poweredge_r830_firmwarepoweredge_r430_firmwarepoweredge_fc830poweredge_m830_\(pe_vrtx\)_firmwarenx3330_firmwarepoweredge_c4130poweredge_r830xc430poweredge_fc830_firmwarexc6320poweredge_c6320poweredge_r730_firmwarexc730xc730xdpoweredge_c4130_firmwarepoweredge_t430_firmwarepoweredge_r530_firmwarepoweredge_t630xc630_firmwarepoweredge_r430poweredge_m830xc630poweredge_m630_\(pe_vrtx\)poweredge_r930poweredge_m630_firmwarePowerEdge Platform
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-22448
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.7||MEDIUM
EPSS-0.04% / 11.06%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 07:30
Updated-04 Feb, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-g5_5500latitude_5511_firmwarelatitude_9510_2in1_firmwareprecision_7750_firmwarexps_9315_2-in-1latitude_5411_firmwareprecision_3450latitude_9410_firmwarelatitude_5420precision_3460_small_form_factorinspiron_5502inspiron_15_3511latitude_5430_rugged_laptop_firmwareoptiplex_5080_firmwarechengming_3990_firmwareinspiron_5406_2-in-1optiplex_3280_all-in-oneprecision_5550latitude_5340_firmwareoptiplex_7000_micro_firmwarevostro_14_3420latitude_3410xps_17_9730_firmwareinspiron_16_7640_2-in-1inspiron_14_5410_firmwareprecision_3550latitude_9420precision_3460_xe_small_form_factor_firmwareinspiron_13_5330latitude_5521optiplex_small_form_factor_7010precision_5570_firmwarexps_13_9310latitude_7430latitude_5531_firmwarealienware_x16_r2_firmwarexps_15_9500_firmwarelatitude_3140latitude_9510_2in1precision_5770_firmwareinspiron_3891_firmwarevostro_15_3520precision_3660_firmwarelatitude_3530optiplex_3000_toweroptiplex_3000_tower_firmwareinspiron_14_plus_7420_firmwareprecision_5570latitude_5530latitude_5430_rugged_laptopprecision_5470latitude_3320_firmwareoptiplex_5080latitude_7410_firmwareprecision_7780vostro_3400_firmwarealienware_m18_r1optiplex_3090_ultra_firmwareinspiron_7306_2-in-1_firmwareinspiron_7506_2-in-1_firmwarevostro_3400alienware_m18_r2_firmwarexps_13_9310_firmwareoptiplex_3090xps_15_9520_firmwareprecision_3551_firmwarelatitude_9520vostro_15_5510latitude_5520_firmwarelatitude_7440_firmwareg16_7630vostro_15_7510_firmwarevostro_3910_firmwarelatitude_7340xps_15_9510_firmwareinspiron_15_3511_firmwareoptiplex_5090_towerlatitude_7030_rugged_extremevostro_3888inspiron_5402_firmwareprecision_3440xps_17_9720inspiron_3881_firmwareinspiron_27_7710_all-in-oneoptiplex_micro_7010precision_7670vostro_7500_firmwareinspiron_7300xps_13_9310_2-in-1optiplex_7490_all-in-oneprecision_3460_xe_small_form_factorinspiron_5502_firmwareg15_5530_firmwarevostro_5502_firmwarelatitude_7310_firmwareprecision_7760precision_7760_firmwareinspiron_13_5320_firmwarealienware_m16_r1optiplex_micro_7010_firmwareoptiplex_tower_7010_firmwareinspiron_3020_desktop_firmwarevostro_7620_firmwareinspiron_5400latitude_5421_firmwareinspiron_5409g15_5520_firmwarexps_13_9340_firmwareinspiron_5401_aio_firmwarealienware_m18_r1_firmwareinspiron_5401latitude_7420inspiron_15_5518latitude_9440_2-in-1_firmwarexps_15_9510optiplex_7400_all-in-one_firmwarelatitude_5330chengming_3900precision_3640latitude_7330_firmwareinspiron_3020_desktopinspiron_15_5518_firmwareprecision_3240_compactoptiplex_7490_all-in-one_firmwareinspiron_13_5320vostro_3881g15_5511_firmwareprecision_7670_firmwarevostro_3710_firmwareoptiplex_3000_small_form_factorprecision_7560optiplex_3090_ultraalienware_m18_r2latitude_9330_firmwareinspiron_16_7610_firmwarelatitude_7310xps_17_9700_firmwareinspiron_7400latitude_7320_detachableinspiron_16_7620_2-in-1inspiron_5410_firmwarelatitude_7330inspiron_5509_firmwareinspiron_7300_firmwarevostro_5402latitude_3550_firmwarelatitude_7030_rugged_extreme_firmwareprecision_7550_firmwarelatitude_7530vostro_14_5410g16_7620latitude_3550chengming_3911_firmwarealienware_m15_r7_firmwareg7_7700chengming_3900_firmwareinspiron_5410inspiron_5402latitude_5421inspiron_14_5418_firmwareinspiron_14_plus_7440_firmwareinspiron_3891precision_3480latitude_7520inspiron_14_7420_2-in-1_firmwarelatitude_5320precision_7550inspiron_5301vostro_5890inspiron_3910vostro_3500_firmwarevostro_5320latitude_7340_firmwarevostro_14_3430optiplex_5090_small_form_factorinspiron_3030slatitude_9330vostro_14_3440g7_7500latitude_3510_firmwarelatitude_3510inspiron_27_7720_all-in-one_firmwarelatitude_9440_2-in-1optiplex_all-in-one_7410vostro_3690vostro_14_5410_firmwarexps_15_9500inspiron_3020_small_desktop_firmwareoptiplex_micro_plus_7010_firmwareprecision_3581latitude_3140_firmwareg3_3500inspiron_3030s_firmwareprecision_3470_firmwareoptiplex_7000_towervostro_14_3430_firmwarealienware_m15_r7vostro_3888_firmwareoptiplex_7000_tower_firmwarexps_13_9315_firmwarexps_14_9440_firmwareinspiron_7500_firmwareoptiplex_5400_all-in-one_firmwarechengming_3911vostro_15_5510_firmwarevostro_3710inspiron_7306_2-in-1latitude_5540_firmwareprecision_5480_firmwareoptiplex_tower_plus_7010g15_5510latitude_7440latitude_9420_firmwareinspiron_14_5410precision_3470precision_7770_firmwareinspiron_14_7430_2-in-1precision_3551inspiron_14_5420precision_7680precision_5560_firmwareoptiplex_5490_all-in-onelatitude_7330_rugged_laptop_firmwarevostro_3020_tower_desktopoptiplex_5000_tower_firmwareinspiron_15_3530inspiron_16_7610latitude_5410_firmwarealienware_x16_r1inspiron_7700_all-in-one_firmwareoptiplex_7000_xe_microinspiron_27_7710_all-in-one_firmwareprecision_5470_firmwareprecision_7960_towerlatitude_9410inspiron_16_5620_firmwareg7_7700_firmwarevostro_16_5630g7_7500_firmwarelatitude_3340_firmwareinspiron_13_5330_firmwarevostro_15_7510inspiron_7501_firmwareoptiplex_5090_tower_firmwareinspiron_14_5440inspiron_14_plus_7430_firmwareprecision_5860_tower_firmwareoptiplex_3280_all-in-one_firmwarelatitude_5521_firmwareoptiplex_3000_microinspiron_7500optiplex_all-in-one_7410_firmwarexps_17_9720_firmwarevostro_13_5310_firmwarelatitude_3450_firmwareprecision_5760_firmwarealienware_m15_r6_firmwarechengming_3910_firmwareinspiron_16_plus_7620_firmwareoptiplex_5090_small_form_factor_firmwareoptiplex_7080latitude_3120precision_7865_tower_firmwareprecision_3550_firmwarelatitude_3430_firmwareinspiron_14_5418inspiron_15_5510vostro_5301_firmwarevostro_15_3530inspiron_14_7440_2-in-1optiplex_micro_plus_7010precision_5560precision_5680vostro_7500g16_7630_firmwareoptiplex_5000_towerinspiron_24_5420_all-in-oneoptiplex_7000_xe_micro_firmwareprecision_5770inspiron_15_3530_firmwareinspiron_14_7430_2-in-1_firmwareoptiplex_5090_micro_firmwareprecision_5860_towerinspiron_14_5430_firmwareoptiplex_small_form_factor_plus_7010_firmwareinspiron_3910_firmwarelatitude_5330_firmwareoptiplex_5480_all-in-one_firmwareg15_5530optiplex_xe4_tower_firmwarelatitude_7320alienware_m15_r6xps_13_plus_9320inspiron_13_5310_firmwareprecision_3560_firmwareprecision_3581_firmwarexps_15_9520latitude_3450xps_17_9710_firmwarexps_15_9530_firmwareprecision_7960_tower_firmwareprecision_3561_firmwareprecision_3440_firmwareprecision_7875_towerprecision_3450_firmwareprecision_3260_xe_compactvostro_3020_tower_desktop_firmwarelatitude_3120_firmwareinspiron_5509xps_13_plus_9320_firmwareoptiplex_3000_micro_firmwareoptiplex_7090_ultra_firmwarevostro_5620_firmwareinspiron_15_7510alienware_x14_r2vostro_3030sxps_13_9310_2-in-1_firmwareprecision_3650_toweroptiplex_3000_thin_clientprecision_3260_compactprecision_7875_tower_firmwarelatitude_5340precision_3260_compact_firmwarevostro_5880optiplex_5000_micro_firmwareinspiron_27_7720_all-in-oneinspiron_7700_all-in-oneinspiron_3020_small_desktopinspiron_14_7440_2-in-1_firmwareinspiron_5401_firmwarevostro_5320_firmwarelatitude_5310_2-in-1inspiron_16_5640_firmwareprecision_3640_firmwarevostro_3890chengming_3991optiplex_3080_firmwareinspiron_3501optiplex_xe4_towerinspiron_3880_firmwareinspiron_5401_aioinspiron_16_5640latitude_5411latitude_5430latitude_7210_2-in-1inspiron_14_5430latitude_7320_detachable_firmwarexps_17_9730optiplex_5490_all-in-one_firmwarelatitude_7420_firmwarelatitude_5510_firmwareinspiron_24_5420_all-in-one_firmwarexps_13_9340inspiron_16_7620_2-in-1_firmwareinspiron_16_5630g16_7620_firmwareprecision_5480latitude_7230_rugged_extreme_firmwarevostro_3690_firmwareprecision_3571precision_7865_towerprecision_7560_firmwareprecision_5750_firmwarelatitude_3530_firmwareoptiplex_7000_microxps_13_9305latitude_7530_firmwarevostro_15_3530_firmwareinspiron_14_7420_2-in-1latitude_5510latitude_5310_2-in-1_firmwareoptiplex_7400_all-in-oneinspiron_15_7510_firmwareinspiron_16_plus_7640latitude_5320_firmwareprecision_5750inspiron_14_5440_firmwarelatitude_3520_firmwareinspiron_14_plus_7430vostro_3881_firmwareinspiron_7706_2-in-1optiplex_3000_small_form_factor_firmwareprecision_3561latitude_5530_firmwarelatitude_5511precision_3260_xe_compact_firmwareprecision_7780_firmwarevostro_5301precision_5680_firmwarevostro_15_3510_firmwarevostro_5880_firmwareprecision_5550_firmwareoptiplex_7780_all-in-one_firmwareinspiron_16_plus_7630_firmwarealienware_x16_r1_firmwareoptiplex_5000_small_form_factor_firmwareoptiplex_7090_tower_firmwareoptiplex_7480_all-in-onelatitude_9430_firmwarelatitude_3540_firmwareprecision_3571_firmwarexps_14_9440latitude_9430inspiron_7706_2-in-1_firmwareg5_5500_firmwarevostro_15_3520_firmwarechengming_3910inspiron_16_7630_2-in-1optiplex_5000_microlatitude_3440_firmwareoptiplex_7000_small_form_factorinspiron_5409_firmwarevostro_14_3440_firmwareinspiron_7400_firmwareinspiron_14_5420_firmwarelatitude_7320_firmwareprecision_3240_compact_firmwareoptiplex_3080optiplex_small_form_factor_7010_firmwarevostro_3890_firmwareprecision_5760latitude_3420optiplex_7000_small_form_factor_firmwarechengming_3991_firmwareoptiplex_7090_ultraprecision_3560latitude_3330_firmwareoptiplex_7080_firmwareg15_5520latitude_3440latitude_5440_firmwarevostro_3910vostro_5620inspiron_16_plus_7620inspiron_3880inspiron_7506_2-in-1inspiron_5400_firmwareinspiron_16_5630_firmwarexps_13_9315inspiron_15_5510_firmwareprecision_3580_firmwareprecision_3660latitude_3330latitude_7640_firmwarelatitude_3340latitude_5430_firmwarexps_13_9305_firmwarelatitude_3320inspiron_14_plus_7440vostro_5402_firmwareprecision_7680_firmwarevostro_13_5310latitude_5420_firmwareinspiron_7501alienware_x16_r2optiplex_tower_plus_7010_firmwarevostro_3500precision_7750latitude_7330_rugged_laptopvostro_16_5640vostro_7620precision_3480_firmwarelatitude_5531chengming_3990inspiron_14_plus_7420xps_9315_2-in-1_firmwareoptiplex_5400_all-in-oneinspiron_15_3520_firmwarelatitude_3410_firmwarevostro_14_3420_firmwareinspiron_5301_firmwareinspiron_16_plus_7640_firmwareinspiron_3881precision_3570inspiron_16_5620latitude_5410latitude_5440inspiron_24_5410_all-in-one_firmwareoptiplex_5000_small_form_factoralienware_x14_r2_firmwareoptiplex_3090_firmwarelatitude_9520_firmwarelatitude_3420_firmwareoptiplex_5090_microinspiron_5406_2-in-1_firmwarevostro_3681vostro_15_3510inspiron_16_plus_7630optiplex_5480_all-in-onevostro_16_5640_firmwarelatitude_5540vostro_5890_firmwarelatitude_7520_firmwarevostro_3030s_firmwarelatitude_7640precision_3580xps_17_9700precision_3650_tower_firmwareg15_5510_firmwarealienware_m16_r1_firmwarelatitude_3540latitude_5520latitude_5431_firmwarelatitude_7230_rugged_extremelatitude_7210_2-in-1_firmwarelatitude_5431g15_5511inspiron_13_5310inspiron_24_5411_all-in-onexps_15_9530latitude_5310precision_7770g3_3500_firmwarevostro_16_5630_firmwarelatitude_3520inspiron_24_5411_all-in-one_firmwarevostro_3681_firmwareoptiplex_7090_toweroptiplex_3000_thin_client_firmwarevostro_5502inspiron_16_7640_2-in-1_firmwareinspiron_3501_firmwarelatitude_7430_firmwareoptiplex_7480_all-in-one_firmwarexps_17_9710inspiron_24_5410_all-in-oneoptiplex_7780_all-in-oneoptiplex_small_form_factor_plus_7010latitude_3430latitude_7410latitude_5310_firmwareprecision_3460_small_form_factor_firmwareinspiron_15_3520inspiron_16_7630_2-in-1_firmwareoptiplex_tower_7010precision_3570_firmwareCPG BIOSlatitude_5340xps_17_9730latitude_9330precision_3660inspiron_5509vostro_15_3530g7_7700vostro_5502g5_5500latitude_9440_2in1inspiron_13_5330inspiron_5402inspiron_3030slatitude_5310latitude_9430inspiron_7700_aiolatitude_7420optiplex_micro_7010optiplex_tower_7010g7_7500inspiron_5409g16_7620inspiron_5400g15_5530alienware_15_r6precision_3580precision_5770latitude_7340optiplex_small_form_factor_7010latitude_9420vostro_5301alienware_16_r1latitude_5531alienware_18_r1precision_3440inspiron_5502precision_3581vostro_5402latitude_5540alienware_14_r2vostro_5880xps_17_9700inspiron_15_3530xps_9315_2in1inspiron_7400precision_5750latitude_5310_2_in_1inspiron_7300g3_3500latitude_7520precision_5570latitude_5330precision_3571inspiron_5401vostro_3030sg15_5511inspiron_5301latitude_7320vostro_14_3430
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36301
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.9||MEDIUM
EPSS-13.33% / 93.90%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 20:00
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac8_firmwareemc_idrac9_firmwareIntegrated Dell Remote Access Controller (iDRAC)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36347
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.2||MEDIUM
EPSS-1.77% / 81.90%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 22:15
Updated-16 Sep, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system.

Action-Not Available
Vendor-Dell Inc.
Product-integrated_dell_remote_access_controller_9integrated_dell_remote_access_controller_8_firmwareintegrated_dell_remote_access_controller_8integrated_dell_remote_access_controller_9_firmwareIntegrated Dell Remote Access Controller (iDRAC)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0162
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 23.05%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:18
Updated-04 Feb, 2025 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_c6520_firmwarepoweredge_r660xs_firmwarepoweredge_xr11_firmwarepoweredge_r6615_firmwarepoweredge_t560_firmwarepoweredge_r760xd2_firmwarepoweredge_r6525_firmwarepoweredge_r960poweredge_hs5610emc_xc_core_xc7525xc_core_xc7625poweredge_mx750cpoweredge_xr11poweredge_c6520emc_xc_core_xc750_firmwarepoweredge_r350poweredge_r7515_firmwarepoweredge_xe9680poweredge_xe8640_firmwarepoweredge_xr8610t_firmwarepoweredge_t550poweredge_c6525poweredge_xe8545_firmwarepoweredge_r860poweredge_xr5610_firmwareemc_xc_core_xc750xa_firmwarepoweredge_r6515_firmwarepoweredge_r760xapoweredge_r860_firmwarepoweredge_r6625_firmwarepoweredge_t150_firmwarepoweredge_r250emc_xc_core_xc7525_firmwareemc_xc_core_xc750emc_xc_core_xc750xapoweredge_r760poweredge_xr12poweredge_r7615_firmwarepoweredge_xr8620temc_xc_core_xc450_firmwarepoweredge_xr8620t_firmwarepoweredge_r760xs_firmwarepoweredge_xr12_firmwarepoweredge_r6515emc_xc_core_xc650_firmwarepoweredge_t150poweredge_t560poweredge_xe8545poweredge_r650_firmwarepoweredge_xe9680_firmwarepoweredge_r760xd2poweredge_r760xspoweredge_xr8610tpoweredge_r350_firmwareemc_xc_core_xc650poweredge_r7625_firmwarexc_core_xc760poweredge_r7515emc_xc_core_xc450poweredge_r660xspoweredge_r550_firmwarepoweredge_c6620_firmwarepoweredge_xr7620_firmwarexc_core_xc660poweredge_c6525_firmwarexc_core_xc760_firmwarepoweredge_xe8640poweredge_r960_firmwarepoweredge_xe9640poweredge_r650xspoweredge_r6525emc_xc_core_xc6520_firmwarepoweredge_r750xapoweredge_t350poweredge_mx750c_firmwarepoweredge_r760_firmwarepoweredge_r250_firmwarepoweredge_c6620poweredge_r7525_firmwarepoweredge_xr4510c_firmwareemc_xc_core_xc6520poweredge_r750xa_firmwarepoweredge_r660poweredge_r450_firmwarepoweredge_xr7620poweredge_r7615poweredge_xe9640_firmwarepoweredge_r750xspoweredge_r650poweredge_xr4510cpoweredge_r7525poweredge_r760xa_firmwarepoweredge_r750xs_firmwarepoweredge_r660_firmwarepoweredge_t350_firmwarepoweredge_hs5610_firmwarepoweredge_r750poweredge_r650xs_firmwarepoweredge_xr4520c_firmwarepoweredge_r7625poweredge_c6615poweredge_r750_firmwarepoweredge_hs5620_firmwarexc_core_xc7625_firmwarepoweredge_mx760cpoweredge_mx760c_firmwarepoweredge_xr5610poweredge_r6625poweredge_r450xc_core_xc660_firmwarepoweredge_r6615poweredge_r550poweredge_t550_firmwarepoweredge_hs5620poweredge_xr4520cpoweredge_c6615_firmwarePowerEdge BIOS Intel 16G
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-44305
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.1||HIGH
EPSS-5.16% / 89.50%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 08:25
Updated-02 Aug, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.

Action-Not Available
Vendor-Dell Inc.
Product-dm5500_firmwaredm5500Dell PowerProtect Data Manager DM5500 Appliance
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-30102
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.23%
||
7 Day CHG~0.00%
Published-08 May, 2025 | 17:40
Updated-16 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-26479
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-3.1||LOW
EPSS-0.06% / 17.03%
||
7 Day CHG~0.00%
Published-10 Apr, 2025 | 02:32
Updated-15 Jul, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-26336
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.3||HIGH
EPSS-0.06% / 19.10%
||
7 Day CHG~0.00%
Published-21 Mar, 2025 | 02:23
Updated-27 Mar, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.

Action-Not Available
Vendor-Dell Inc.
Product-chassis_management_controller_for_poweredge_fx2chassis_management_controller_for_poweredge_vrtx_firmwarechassis_management_controller_for_poweredge_fx2_firmwarechassis_management_controller_for_poweredge_vrtxDell Chassis Management Controller (CMC) for PowerEdge VRTXDell Chassis Management Controller (CMC) for Dell PowerEdge FX2
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-25050
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.02% / 3.36%
||
7 Day CHG~0.00%
Published-13 Jun, 2025 | 21:03
Updated-17 Jun, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dell ControlVault3/ControlVault3 Plus cv_upgrade_sensor_firmware out-of-bounds write vulnerability

An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to trigger this vulnerability.

Action-Not Available
Vendor-Dell Inc.Broadcom Inc.
Product-ControlVault3ControlVault3 PlusBCM5820X
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21572
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.04% / 9.93%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 17:00
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

Action-Not Available
Vendor-Dell Inc.
Product-optiplex_7090_uffxps_15_9510_firmwareinspiron_7500_firmwareinspiron_7300_firmwarelatitude_3520g5_5500precision_17_m5750_firmwareprecision_3561_firmwarexps_17_9710_firmwareg7_7500precision_7560vostro_3881_firmwarelatitude_5511_firmwareprecision_3550inspiron_3891_firmwarevostro_3888vostro_3888_firmwarelatitude_7420_firmwareinspiron_5501vostro_5501_firmwarelatitude_9420optiplex_5090_tower_firmwareprecision_3650_mt_firmwareoptiplex_5080inspiron_5400_aioinspiron_5502latitude_5511inspiron_7501precision_5550inspiron_7300_2-in-1xps_17_9700vostro_3400inspiron_3891xps_13_9305vostro_5310g3_3500latitude_9410_firmwareinspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwareg15_5511_firmwarelatitude_7410_firmwarelatitude_7320latitude_5310_2-in-1optiplex_7090_tower_firmwarelatitude_3420inspiron_15_7510_firmwareinspiron_14_5418_firmwareg5_5500_firmwareinspiron_7506_firmwarelatitude_5410_firmwarelatitude_5310_2-in-1_firmwareinspiron_5409vostro_3890latitude_3510precision_3560_firmwarevostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5406_2n1inspiron_5501_firmwareoptiplex_5080_firmwarexps_17_9700_firmwareinspiron_15_7510latitude_3420_firmwarevostro_14_5410latitude_7320_detachable_firmwarelatitude_9410optiplex_7080_firmwarelatitude_5310xps_15_9500inspiron_5508_firmwareprecision_3450precision_7550_firmwareoptiplex_7090_uff_firmwarechengming_3991precision_5560inspiron_5400_aio_firmwareinspiron_7501_firmwareg15_5510_firmwareinspiron_3881_firmwarelatitude_5521precision_17_m5750vostro_3501latitude_7520vostro_15_5510inspiron_5406_2n1_firmwareprecision_3450_firmwarechengming_3990inspiron_5301g7_7700_firmwareoptiplex_7090_towervostro_5880_firmwarexps_17_9710inspiron_5402inspiron_7700_aiovostro_3881vostro_5401latitude_5420_firmwareprecision_3561latitude_5520latitude_3410_firmwarevostro_5300inspiron_7400_firmwarelatitude_3320vostro_5301precision_3650_mtxps_15_9510latitude_7210_2-in-1inspiron_5410_2-in-1_firmwarevostro_5880precision_7750alienware_m15_r6_firmwareinspiron_5410_2-in-1latitude_3320_firmwarelatitude_9520_firmwareprecision_5560_firmwarevostro_3690_firmwareoptiplex_7080g15_5510latitude_5520_firmwareinspiron_15_5518vostro_7500_firmwarelatitude_5410inspiron_5310precision_3551latitude_5320_2-in-1_firmwareinspiron_7610vostro_5301_firmwarelatitude_5421vostro_5890latitude_9420_firmwarexps_13_2in1_9310latitude_5510inspiron_5400_2-in-1inspiron_5401_aio_firmwareinspiron_7610_firmwarelatitude_5320_2-in-1vostro_5300_firmwarevostro_3501_firmwareinspiron_5400_2-in-1_firmwareoptiplex_7780_all-in-one_firmwareprecision_3440xps_13_2in1_9310_firmwareprecision_3440_firmwarevostro_5402precision_3640_firmwareinspiron_7500_2-in-1_firmwarelatitude_5320precision_3550_firmwarelatitude_7410vostro_3690optiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411inspiron_5300_firmwareprecision_7760vostro_7500optiplex_7490_all-in-oneinspiron_7306_2-in-1_firmwarevostro_3500_firmwarelatitude_7320_detachablelatitude_9520inspiron_5509optiplex_3090_uffoptiplex_5090_towervostro_3681latitude_7420inspiron_5300inspiron_7706_2-in-1inspiron_5508precision_5550_firmwarevostro_15_7510g7_7500_firmwarelatitude_5411_firmwarelatitude_3120_firmwarelatitude_3510_firmwareinspiron_15_5518_firmwareinspiron_5301_firmwareinspiron_5408_firmwarelatitude_7310_firmwareinspiron_7306_2-in-1xps_13_9310_firmwarelatitude_9510optiplex_3280_all-in-onelatitude_7520_firmwareprecision_5760_firmwarelatitude_5420inspiron_7300inspiron_5402_firmwarevostro_3681_firmwareprecision_7560_firmwarevostro_5890_firmwarelatitude_9510_firmwareoptiplex_5490_aio_firmwareprecision_7760_firmwarexps_13_9305_firmwarelatitude_7210_2-in-1_firmwarexps_13_9310vostro_15_7510_firmwarelatitude_5510_firmwareg7_7700vostro_5502inspiron_7506optiplex_7780_all-in-oneinspiron_5408inspiron_3501_firmwarevostro_5502_firmwareinspiron_3880g3_3500_firmwareoptiplex_3080_firmwarelatitude_3410precision_7550vostro_5402_firmwareoptiplex_7490_all-in-one_firmwareinspiron_3881vostro_14_5410_firmwarelatitude_5320_firmwareoptiplex_3080inspiron_3501latitude_5310_firmwarealienware_m15_r6vostro_3890_firmwareoptiplex_5490_aiolatitude_7310latitude_5421_firmwareinspiron_7500g15_5511optiplex_3090_uff_firmwareprecision_5760inspiron_5401_firmwarevostro_15_5510_firmwarevostro_5501optiplex_7480_all-in-onechengming_3990_firmwarelatitude_7320_firmwarelatitude_3120precision_3560inspiron_5401_aioprecision_3551_firmwareprecision_3640inspiron_7700_aio_firmwarevostro_3400_firmwarevostro_5310_firmwareinspiron_5509_firmwareoptiplex_7480_all-in-one_firmwarevostro_3500precision_7750_firmwareinspiron_5502_firmwarelatitude_3520_firmwarechengming_3991_firmwareinspiron_14_5418inspiron_5409_firmwareinspiron_7400inspiron_7500_2-in-1latitude_5521_firmwareinspiron_5401BIOSConnect
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 15
  • 16
  • Next
Details not found