Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-28056

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-23 Jun, 2023 | 09:46
Updated At-08 Nov, 2024 | 14:06
Rejected At-
Credits

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:23 Jun, 2023 | 09:46
Updated At:08 Nov, 2024 | 14:06
Rejected At:
▼CVE Numbering Authority (CNA)

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Affected Products
Vendor
Dell Inc.Dell
Product
CPG BIOS
Default Status
unaffected
Versions
Affected
  • All Versions
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20: Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.15.1MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
Version: 3.1
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities
vendor-advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities
vendor-advisory
x_transferred
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities
Resource:
vendor-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:23 Jun, 2023 | 10:15
Updated At:28 Jun, 2023 | 03:21

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.15.1MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
CPE Matches
Dell Inc.
dell
>>alienware_area_51m_r1_firmware>>Versions before 1.26.0(exclusive)
cpe:2.3:o:dell:alienware_area_51m_r1_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_area_51m_r1>>-
cpe:2.3:h:dell:alienware_area_51m_r1:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_area_51m_r2_firmware>>Versions before 1.22.0(exclusive)
cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_area_51m_r2>>-
cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_aurora_r11_firmware>>Versions before 1.0.20(exclusive)
cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_aurora_r11>>-
cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_aurora_r12_firmware>>Versions before 1.1.20(exclusive)
cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_aurora_r12>>-
cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_aurora_r13_firmware>>Versions before 1.12.0(exclusive)
cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_aurora_r13>>-
cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_aurora_r15_firmware>>Versions before 1.1.0(exclusive)
cpe:2.3:o:dell:alienware_aurora_r15_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_aurora_r15>>-
cpe:2.3:h:dell:alienware_aurora_r15:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r2_firmware>>Versions before 1.22.0(exclusive)
cpe:2.3:o:dell:alienware_m15_r2_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r2>>-
cpe:2.3:h:dell:alienware_m15_r2:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r3_firmware>>Versions before 1.23.0(exclusive)
cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r3>>-
cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r4_firmware>>Versions before 1.17.0(exclusive)
cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r4>>-
cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r6_firmware>>Versions before 1.21.0(exclusive)
cpe:2.3:o:dell:alienware_m15_r6_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r6>>-
cpe:2.3:h:dell:alienware_m15_r6:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r7_firmware>>Versions before 1.16.0(exclusive)
cpe:2.3:o:dell:alienware_m15_r7_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m15_r7>>-
cpe:2.3:h:dell:alienware_m15_r7:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m16_firmware>>Versions before 1.7.0(exclusive)
cpe:2.3:o:dell:alienware_m16_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m16>>-
cpe:2.3:h:dell:alienware_m16:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m17_r2_firmware>>Versions before 1.22.0(exclusive)
cpe:2.3:o:dell:alienware_m17_r2_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m17_r2>>-
cpe:2.3:h:dell:alienware_m17_r2:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m17_r3_firmware>>Versions before 1.23.0(exclusive)
cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m17_r3>>-
cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m17_r4_firmware>>Versions before 1.17.0(exclusive)
cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_m17_r4>>-
cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x14_firmware>>Versions before 1.12.0(exclusive)
cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x14>>-
cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x15_r1_firmware>>Versions before 1.18.0(exclusive)
cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x15_r1>>-
cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x15_r2_firmware>>Versions before 1.13.0(exclusive)
cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x15_r2>>-
cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x17_r1_firmware>>Versions before 1.18.0(exclusive)
cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x17_r1>>-
cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x17_r2_firmware>>Versions before 1.13.0(exclusive)
cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>alienware_x17_r2>>-
cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3900_firmware>>Versions before 1.11.0(exclusive)
cpe:2.3:o:dell:chengming_3900_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3900>>-
cpe:2.3:h:dell:chengming_3900:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3901_firmware>>Versions before 1.11.0(exclusive)
cpe:2.3:o:dell:chengming_3901_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3901>>-
cpe:2.3:h:dell:chengming_3901:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3910_firmware>>Versions before 1.1.0(exclusive)
cpe:2.3:o:dell:chengming_3910_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3910>>-
cpe:2.3:h:dell:chengming_3910:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3911_firmware>>Versions before 1.1.0(exclusive)
cpe:2.3:o:dell:chengming_3911_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3911>>-
cpe:2.3:h:dell:chengming_3911:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3980_firmware>>Versions before 2.29.0(exclusive)
cpe:2.3:o:dell:chengming_3980_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>chengming_3980>>-
cpe:2.3:h:dell:chengming_3980:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarysecurity_alert@emc.com
CWE ID: CWE-20
Type: Primary
Source: security_alert@emc.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilitiessecurity_alert@emc.com
Vendor Advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities
Source: security_alert@emc.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

336Records found
CVE-2021-21590
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.12% / 31.25%
||
7 Day CHG~0.00%
Published-12 Jul, 2021 | 15:40
Updated-16 Sep, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_operating_environmentemc_unityvsa_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2021-21595
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.14% / 34.19%
||
7 Day CHG-0.05%
Published-16 Aug, 2021 | 22:00
Updated-17 Sep, 2024 | 00:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-44279
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.70%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 15:22
Updated-01 Oct, 2024 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker

Action-Not Available
Vendor-Dell Inc.
Product-powerprotect_data_domainpowerprotect_data_protectiondd9400dp5900apex_protection_storagepowerprotect_data_domain_management_centeremc_data_domain_osdd6400dd3300dd9900dd6900dp4400PowerProtect DDpowerprotect_data_domain
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-44278
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.21%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 15:17
Updated-02 Aug, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vulnerability, to gain unauthorized read and write access to the OS files stored on the server filesystem, with the privileges of the running application.

Action-Not Available
Vendor-Dell Inc.
Product-powerprotect_data_domainpowerprotect_data_protectiondd9400dp5900apex_protection_storagepowerprotect_data_domain_management_centerdd6400emc_data_domain_osdd3300dd9900dd6900dp4400PowerProtect DD
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-43066
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.1||MEDIUM
EPSS-0.00% / 0.18%
||
7 Day CHG~0.00%
Published-23 Oct, 2023 | 15:00
Updated-11 Sep, 2024 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentunityvsa_operating_environmentunity_xt_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-29499
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.16% / 37.54%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 21:30
Updated-17 Sep, 2024 | 01:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstorePowerStore
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-29489
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.02% / 3.46%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text password storage vulnerability. A user credentials (including the Unisphere admin privilege user) password is stored in a plain text in a system file. A local authenticated attacker with access to the system files may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_vsa_operating_environmentemc_unity_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-29500
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 6.63%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-17 Sep, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstoreemc_powerstore_firmwarePowerStore
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-29502
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 6.63%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-17 Sep, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstoreemc_powerstore_firmwarePowerStore
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-26199
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 13.92%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-16 Sep, 2024 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a plain-text password storage vulnerability. A user credentials (including the Unisphere admin privilege user) password is stored in a plain text in multiple log files. A local authenticated attacker with access to the log files may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_vsa_operating_environmentemc_unity_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2025-30096
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.69%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 14:32
Updated-12 Aug, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-PowerProtect Data Domain LTS 2023PowerProtect Data Domain Feature ReleasePowerProtect Data Domain LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-28063
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.54%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 07:38
Updated-02 Aug, 2024 | 12:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_24_5410_all-in-onelatitude_5401vostro_5391_firmwarexps_15_9510_firmwarelatitude_3520precision_3561_firmwarexps_17_9710_firmwareoptiplex_tower_plus_7010_firmwareprecision_7770_firmwareprecision_7560inspiron_5590_firmwareg7_17_7790_firmwareoptiplex_all-in-one_7410_firmwarexps_13_9315inspiron_7490optiplex_5090_small_form_factor_firmwareprecision_7540inspiron_15_3511_firmwarelatitude_9420inspiron_5490_firmwareprecision_5470_firmwarelatitude_5590optiplex_5080inspiron_5502latitude_5511inspiron_5620_firmwareinspiron_7501latitude_7390_2-in-1inspiron_7300_2-in-1chengming_3911_firmwareprecision_5530_2-in-1precision_5550xps_17_9700optiplex_3000_microoptiplex_7000_microlatitude_5300vostro_3400g3_3500optiplex_3000_tower_firmwareoptiplex_micro_7010_firmwarelatitude_7320latitude_7300optiplex_7090g7_17_7700_firmwareinspiron_7000latitude_3420latitude_7490_firmwareoptiplex_tower_7010latitude_5310_2-in-1_firmwareprecision_3570inspiron_7490_firmwareinspiron_5409latitude_7400latitude_5591inspiron_3511_firmwarelatitude_5531_firmwareinspiron_14_5410precision_3570_firmwareprecision_5770_firmwarelatitude_3400latitude_3420_firmwareg5_5000xps_15_9575_2-in-1inspiron_14_5420_firmwareinspiron_5491_2-in-1_firmwareoptiplex_3090_firmwareg15_5520_firmwarelatitude_3530inspiron_7506_2-in-1_firmwarexps_13_plus_9320optiplex_7000_small_form_factor_firmwarelatitude_7320_detachable_firmwarelatitude_9410optiplex_7400_all-in-oneoptiplex_7080_firmwarelatitude_5420_rugged_firmwarelatitude_5310latitude_5530vostro_5391latitude_5431_firmwarelatitude_5420_ruggedoptiplex_7090_ultra_firmwareinspiron_7000_firmwareprecision_3450chengming_3900latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7330_firmwarexps_15_9520_firmwarevostro_3020_small_desktopvostro_5591precision_5560optiplex_5400_all-in-one_firmwarelatitude_7430_firmwarelatitude_3330_firmwareinspiron_3881_firmwarelatitude_5521optiplex_7000_tower_firmwareoptiplex_5480_all-in-one_firmwareprecision_3540precision_5570_firmwareinspiron_3910inspiron_7510_firmwarelatitude_7520optiplex_7400_all-in-one_firmwareinspiron_7500_2-in-1_black_firmwarelatitude_3310latitude_5290_2-in-1optiplex_3090latitude_7290vostro_5410vostro_7620_firmwareinspiron_16_7620_2-in-1inspiron_5402latitude_5430_firmwarelatitude_7230_rugged_extreme_tabletprecision_7540_firmwarevostro_3881inspiron_7391_firmwarevostro_5401inspiron_24_5411_all-in-one_firmwarelatitude_5420_firmwareprecision_3561inspiron_14_7420_2-in-1vostro_5300inspiron_3493_firmwareoptiplex_3000_towerprecision_3460_xe_small_form_factor_firmwarelatitude_3190_2-in-1_firmwarevostro_5301xps_15_9510inspiron_16_plus_7620latitude_7210_2-in-1inspiron_7590vostro_5880precision_3260_compactalienware_m15_r7_firmwarealienware_m15_r6_firmwarelatitude_5491latitude_3140_firmwarelatitude_9520_firmwareprecision_5560_firmwarelatitude_5330vostro_3690_firmwarelatitude_5520_firmwareoptiplex_5480_all-in-oneinspiron_24_5410_all-in-one_firmwareinspiron_5591_2-in-1_firmwarelatitude_5400latitude_5410precision_7865_towerprecision_3541xps_8940precision_7730_firmwareprecision_3551latitude_5401_firmwareoptiplex_all-in-one_7410optiplex_3000_small_form_factor_firmwareprecision_7730inspiron_3520precision_3640_tower_firmwareinspiron_7610vostro_5301_firmwareg7_17_7790vostro_5890inspiron_5400_2-in-1latitude_5400_firmwareinspiron_7610_firmwareinspiron_5400_2-in-1_firmwareg7_15_7590inspiron_7391latitude_9330_firmwareinspiron_7700_all-in-oneprecision_3440latitude_rugged_7220ex_firmwareinspiron_13_5320vostro_5402optiplex_tower_7010_firmwareoptiplex_7090_ultrag5_5000_firmwareprecision_3550_firmwarelatitude_3310_firmwarevostro_3690precision_3460_small_form_factor_firmwareinspiron_5300_firmwareoptiplex_xe4_oemready_firmwarelatitude_7530optiplex_7490_all-in-onevostro_7500alienware_m15_r7inspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareoptiplex_5090_towervostro_3681latitude_7400_2-in-1_firmwareprecision_3530latitude_5411_firmwarelatitude_3510_firmwareinspiron_3593inspiron_15_5518_firmwareprecision_7740optiplex_tower_plus_7010latitude_7310_firmwareoptiplex_3000_thin_clientinspiron_7306_2-in-1latitude_7530_firmwarexps_13_9310_firmwarexps_13_7390_firmwarelatitude_9510optiplex_3280_all-in-oneprecision_5760_firmwarevostro_3420_firmwarevostro_3681_firmwarevostro_5890_firmwarelatitude_9510_firmwareinspiron_3910_firmwareinspiron_5406_2-in-1precision_7760_firmwarelatitude_5300_2-in-1_firmwareinspiron_3511xps_13_9305_firmwareinspiron_5410vostro_5502optiplex_7780_all-in-oneinspiron_5490inspiron_3501_firmwarelatitude_5300_firmwareinspiron_3880optiplex_7000_xe_microprecision_7865_tower_firmwarexps_17_9720precision_7550inspiron_5391optiplex_small_form_factor_7010g5_15_5590_firmwareinspiron_5598inspiron_14_plus_7420latitude_5320_firmwareg7_15_7590_firmwareoptiplex_3080xps_13_9315_firmwarexps_13_9300_firmwareprecision_5750inspiron_27_7710_all-in-one_firmwarelatitude_rugged_5430precision_5570inspiron_7591latitude_7310inspiron_14_5410_firmwareinspiron_7500g15_5511inspiron_5620precision_5760optiplex_7480_all-in-onechengming_3990_firmwareprecision_3551_firmwareinspiron_3020_small_desktop_firmwarelatitude_9430vostro_3400_firmwarevostro_5310_firmwarelatitude_5290_firmwarelatitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwarelatitude_7390vostro_3500xps_13_9315_2-in-1precision_7750_firmwarelatitude_3520_firmwarechengming_3991_firmwarevostro_7590_firmwareinspiron_14_5418inspiron_7400latitude_9430_firmwareprecision_3650_tower_firmwareinspiron_24_5411_all-in-onevostro_3510xps_13_9310_2-in-1inspiron_5400_firmwarelatitude_5424_ruggedinspiron_7500_firmwareprecision_3541_firmwareinspiron_5591_2-in-1latitude_7330inspiron_14_5420inspiron_7506_2-in-1latitude_5330_firmwareprecision_3650_towervostro_3881_firmwarelatitude_7200_2-in-1latitude_5511_firmwarelatitude_3430_firmwareprecision_3550inspiron_3891_firmwareoptiplex_3090_ultra_firmwarexps_13_7390_2-in-1_firmwarelatitude_7420_firmwareinspiron_5501vostro_5501_firmwarelatitude_3310_2-in-1optiplex_5090_tower_firmwareoptiplex_3090_ultralatitude_5490vostro_5620_firmwareinspiron_3520_firmwarelatitude_3190_2-in-1inspiron_3891xps_13_9305vostro_5310optiplex_7000_xe_micro_firmwarelatitude_9410_firmwarevostro_7590optiplex_7090_firmwareinspiron_7300_2-in-1_firmwarelatitude_5300_2-in-1latitude_7424_rugged_extreme_firmwareg15_5511_firmwarelatitude_7410_firmwareprecision_3660latitude_5310_2-in-1vostro_3910inspiron_14_5418_firmwarelatitude_7230_rugged_extreme_tablet_firmwarelatitude_rugged_7330_firmwareinspiron_3020_desktoplatitude_7390_firmwarelatitude_5500_firmwarelatitude_5410_firmwarelatitude_5430xps_13_7390latitude_3530_firmwarelatitude_3400_firmwarevostro_3890latitude_3510chengming_3901_firmwareprecision_3560_firmwarelatitude_5495_firmwarevostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5501_firmwareg7_15_7500optiplex_5080_firmwareinspiron_14_7420_2-in-1_firmwarexps_17_9700_firmwarevostro_3520_firmwareoptiplex_xe4_firmwareoptiplex_7000_micro_firmwarelatitude_5530_firmwareprecision_5470vostro_3590precision_3470_firmwareoptiplex_small_form_factor_plus_7010inspiron_15_5510vostro_5590_firmwarevostro_3020_tower_desktop_firmwareinspiron_16_plus_7620_firmwareprecision_7530_firmwarechengming_3901optiplex_5000_tower_firmwareoptiplex_micro_7010xps_13_9300xps_15_9500latitude_5500inspiron_5508_firmwareprecision_7550_firmwarelatitude_3500_firmwarechengming_3900_firmwarechengming_3991precision_3260_xe_compact_firmwareprecision_3260_xe_compactinspiron_7501_firmwareoptiplex_5090_small_form_factorinspiron_7500_2-in-1_blackg15_5510_firmwarevostro_7510_firmwarelatitude_5290_2-in-1_firmwarevostro_7510inspiron_7791latitude_5501latitude_7400_firmwarevostro_5320_firmwareprecision_3450_firmwareprecision_3460_small_form_factorchengming_3990inspiron_5301latitude_5491_firmwareprecision_3470vostro_5880_firmwarexps_17_9710inspiron_3493precision_5750_firmwareoptiplex_small_form_factor_plus_7010_firmwarelatitute_5421latitude_5520latitude_3410_firmwareinspiron_7510inspiron_7400_firmwareprecision_3260_compact_firmwareoptiplex_5400_all-in-onelatitude_3320precision_3530_firmwarexps_13_9310_2-in-1_firmwarevostro_5320xps_13_9315_2-in-1_firmwarexps_15_9575_2-in-1_firmwareinspiron_3020_small_desktopprecision_7750latitude_3430latitude_3320_firmwareoptiplex_5490_all-in-one_firmwareoptiplex_7080g15_5510inspiron_15_5518vostro_7500_firmwarelatitude_9330inspiron_16_7620_2-in-1_firmwareinspiron_15_3511inspiron_5310vostro_5510_firmwarelatitude_5424_rugged_firmwareoptiplex_5000_small_form_factor_firmwarelatitude_rugged_7330chengming_3910_firmwarelatitude_7300_firmwarelatitude_9420_firmwarelatitude_5510g7_17_7700inspiron_5401_aio_firmwarevostro_5300_firmwareoptiplex_5090_micro_firmwareinspiron_3593_firmwareoptiplex_7780_all-in-one_firmwarevostro_3710_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwareoptiplex_5000_micro_firmwarelatitude_3310_2-in-1_firmwareg7_15_7500_firmwarelatitude_5320latitude_3330optiplex_7000_small_form_factorlatitude_7410latitude_5501_firmwareprecision_3571xps_13_7390_2-in-1optiplex_3280_all-in-one_firmwarexps_15_9500_firmwareoptiplex_xe4_oemreadylatitude_5411optiplex_5090_microvostro_3020_tower_desktopprecision_7760xps_17_9720_firmwarevostro_3500_firmwareinspiron_7306_2-in-1_firmwarelatitude_7320_detachablelatitude_9520vostro_3520inspiron_5509vostro_3590_firmwareinspiron_5406_2-in-1_firmwareinspiron_27_7710_all-in-oneinspiron_5498latitude_7420inspiron_7591_firmwarelatitude_5290inspiron_5300precision_7670inspiron_5508precision_5550_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_5490precision_7670_firmwareinspiron_5301_firmwareinspiron_5408_firmwareinspiron_5498_firmwareprecision_3571_firmwarevostro_5490_firmwarevostro_5620latitude_7520_firmwarelatitude_5431vostro_3710optiplex_3000_thin_client_firmwarelatitude_5420inspiron_5402_firmwareprecision_7560_firmwareoptiplex_micro_plus_7010latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5510inspiron_3490precision_7770latitude_7210_2-in-1_firmwarelatitude_rugged_5430_firmwarexps_13_9310latitude_5510_firmwarevostro_3510_firmwareoptiplex_5000_microinspiron_5410_firmwareinspiron_15_5510_firmwareinspiron_5408vostro_5410_firmwarevostro_5502_firmwareprecision_3540_firmwarelatitude_7430g3_3500_firmwareoptiplex_3000_small_form_factoroptiplex_3080_firmwarexps_13_plus_9320_firmwareoptiplex_small_form_factor_7010_firmwarelatitude_3410vostro_5402_firmwarelatitude_rugged_7220g5_15_5590inspiron_7700_all-in-one_firmwareinspiron_3881optiplex_7490_all-in-one_firmwarexps_13_9380latitude_5531precision_3660_firmwarevostro_3020_small_desktop_firmwarechengming_3910optiplex_3000_micro_firmwarevostro_3420optiplex_5000_small_form_factorlatitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_3140latitude_3500latitude_5310_firmwarealienware_m15_r6vostro_3890_firmwarexps_15_7590latitude_3300vostro_5590optiplex_micro_plus_7010_firmwareinspiron_5401_firmwareprecision_3460_xe_small_form_factorvostro_5501xps_15_9520latitude_7320_firmwareoptiplex_5490_all-in-onexps_8940_firmwarelatitude_3120latitude_rugged_7220_firmwareprecision_3560inspiron_5401_aiolatitude_rugged_7220exinspiron_5509_firmwarelatitude_7200_2-in-1_firmwareinspiron_3020_desktop_firmwareinspiron_5598_firmwareinspiron_13_5320_firmwarevostro_3910_firmwarelatitude_7290_firmwareprecision_5770chengming_3911precision_7530vostro_7620inspiron_5391_firmwareinspiron_5502_firmwarexps_15_7590_firmwareinspiron_3490_firmwareinspiron_14_plus_7420_firmwareg15_5520inspiron_5409_firmwarexps_13_9380_firmwarelatitude_7490optiplex_7000_towerlatitude_5521_firmwareoptiplex_5000_towerinspiron_5401latitute_5421_firmwareoptiplex_xe4vostro_5591_firmwareCPG BIOS
CWE ID-CWE-195
Signed to Unsigned Conversion Error
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2025-30097
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.69%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 14:38
Updated-12 Aug, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges

Action-Not Available
Vendor-Dell Inc.
Product-PowerProtect Data Domain LTS 2023PowerProtect Data Domain Feature ReleasePowerProtect Data Domain LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-30098
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.69%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 14:42
Updated-12 Aug, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-PowerProtect Data Domain LTS 2023PowerProtect Data Domain Feature ReleasePowerProtect Data Domain LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-34408
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 8.45%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:07
Updated-26 Feb, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34417
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 8.45%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:50
Updated-26 Feb, 2025 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34418
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 8.45%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:52
Updated-26 Feb, 2025 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-18577
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 28.94%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 20:30
Updated-16 Sep, 2024 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. A malicious local user with XtremIO xinstall privileges may exploit this vulnerability to gain root access.

Action-Not Available
Vendor-Dell Inc.
Product-xtremio_management_serverXtremIO
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-18576
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 31.47%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 20:30
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC XtremIO XMS versions prior to 6.3.0 contain an information disclosure vulnerability where OS users’ passwords are logged in local files. Malicious local users with access to the log files may use the exposed passwords to gain access to XtremIO with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-xtremio_management_serverXtremIO
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2023-32490
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.88%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 13:40
Updated-08 Oct, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-32494
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.88%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 12:56
Updated-08 Oct, 2024 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CVE-2023-32461
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5||MEDIUM
EPSS-0.07% / 20.54%
||
7 Day CHG~0.00%
Published-15 Sep, 2023 | 06:56
Updated-25 Sep, 2024 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.  

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_r7515poweredge_r7615_firmwarepoweredge_r250poweredge_t560_firmwarepoweredge_r6515_firmwareemc_xc_core_xc6520_firmwarepoweredge_hs5610_firmwarepoweredge_xr4510c_firmwarepoweredge_xr12poweredge_r7515_firmwarepoweredge_xr8620t_firmwareemc_xc_core_xc450_firmwarepoweredge_r760xa_firmwarepoweredge_xr8620tpoweredge_mx750c_firmwarepoweredge_r750poweredge_r650_firmwareemc_xc_core_xc650_firmwarepoweredge_xe8640poweredge_c6520_firmwarepoweredge_xe9680poweredge_r550_firmwareemc_xc_core_xc750_firmwarepoweredge_t150_firmwarepoweredge_r760xd2_firmwarepoweredge_r250_firmwarepoweredge_r760_firmwarepoweredge_r550poweredge_r350_firmwarepoweredge_r750_firmwarepoweredge_xr4510cpoweredge_r660_firmwarepoweredge_c6525_firmwarepoweredge_c6525emc_xc_core_xc650poweredge_r6625_firmwarepoweredge_r750xspoweredge_t550_firmwarepoweredge_xr7620_firmwarepoweredge_r660poweredge_xr11_firmwarepoweredge_t350poweredge_r860poweredge_r650poweredge_r650xs_firmwarepoweredge_xr11poweredge_xr12_firmwarepoweredge_c6620poweredge_xr4520cpoweredge_r7625_firmwarepoweredge_r760xaemc_xc_core_xc7525_firmwarepoweredge_t560poweredge_t150poweredge_xe9680_firmwarepoweredge_r650xspoweredge_xr7620poweredge_xr5610_firmwarepoweredge_xr4520c_firmwarepoweredge_r7525_firmwarepoweredge_c6620_firmwarepoweredge_mx760c_firmwarepoweredge_r660xspoweredge_r6525poweredge_xe8545_firmwarepoweredge_r7525poweredge_r6615_firmwareemc_xc_core_xc750xa_firmwarepoweredge_r6615poweredge_mx760cpoweredge_xe8545emc_xc_core_xc7525poweredge_r750xapoweredge_t550emc_xc_core_xc750poweredge_r660xs_firmwarepoweredge_hs5620poweredge_r760xs_firmwarepoweredge_r6515poweredge_r760emc_xc_core_xc450poweredge_r6525_firmwarepoweredge_mx750cemc_xc_core_xc750xapoweredge_r960poweredge_r350poweredge_r7625poweredge_r450_firmwarepoweredge_xe8640_firmwarepoweredge_r750xa_firmwarepoweredge_r960_firmwarepoweredge_r760xspoweredge_r7615poweredge_r760xd2poweredge_c6520poweredge_xr5610poweredge_r450poweredge_r750xs_firmwarepoweredge_hs5610poweredge_t350_firmwarepoweredge_r860_firmwarepoweredge_r6625poweredge_hs5620_firmwareemc_xc_core_xc6520PowerEdge Platform
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-32489
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.52%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 13:36
Updated-08 Oct, 2024 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges.  

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CVE-2024-52537
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.3||MEDIUM
EPSS-0.01% / 2.09%
||
7 Day CHG~0.00%
Published-11 Dec, 2024 | 07:26
Updated-04 Feb, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Action-Not Available
Vendor-Dell Inc.Linux Kernel Organization, IncMicrosoft Corporation
Product-windowsdock_wd19_firmware_update_utilitylinux_kerneldock_wd22tb4_firmware_update_utilitydock_hd22q_firmware_update_utilityDell Client Platform BIOS
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-48015
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.10%
||
7 Day CHG+0.01%
Published-17 Mar, 2025 | 17:16
Updated-14 Jul, 2025 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-22550
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.86%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 17:50
Updated-17 Sep, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-549
Missing Password Field Masking
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2018-1185
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-1.52% / 80.50%
||
7 Day CHG~0.00%
Published-03 Feb, 2018 | 01:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted shell to an interactive shell and run arbitrary commands with root privileges.

Action-Not Available
Vendor-n/aDell Inc.
Product-emc_recoverpointemc_recoverpoint_for_virtual_machinesEMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, EMC RecoverPoint versions prior to 5.0.1.3
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-43589
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.72%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 20:10
Updated-17 Sep, 2024 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the Unity underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_operating_environmentemc_unityvsa_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-36318
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.87%
||
7 Day CHG~0.00%
Published-21 Dec, 2021 | 17:05
Updated-17 Sep, 2024 | 02:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage vulnerability. A high privileged user could potentially exploit this vulnerability, leading to a complete outage.

Action-Not Available
Vendor-Dell Inc.
Product-emc_avamar_serverAvamar
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2021-36290
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.11% / 30.42%
||
7 Day CHG~0.00%
Published-08 Apr, 2022 | 19:50
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges.

Action-Not Available
Vendor-Dell Inc.
Product-vnxe1600vnx5600vnx5400vnx5800vnx_vg10emc_unity_operating_environmentvnx5200vnx_vg50vnx7600vnx8000VNX2
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-53292
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.02% / 4.05%
||
7 Day CHG~0.00%
Published-11 Dec, 2024 | 07:55
Updated-04 Feb, 2025 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable component with privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-vxrail_hyperconverged_infrastructureDell VxRail HCI
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-5363
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.6||HIGH
EPSS-0.05% / 14.44%
||
7 Day CHG~0.00%
Published-10 Jun, 2020 | 20:40
Updated-16 Sep, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Admin password. This could potentially allow an unauthorized actor, with physical access and/or OS administrator privileges to the device, to gain privileged access to the platform and the hard drive.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_7300latitude_5401precision_7740_firmwareprecision_3541precision_3541_firmwarelatitude_5401_firmwareprecision_7540_firmwarelatitude_5500_firmwareprecision_3540_firmwarelatitude_5300_firmwarexps_13_9300xps_7390_2-in-1_firmwarelatitude_7300_firmwarelatitude_5500latitude_7400latitude_5400_firmwarelatitude_7200_2_in_1_firmwarelatitude_7220_firmwareprecision_7540precision_7740latitude_7220ex_rugged_extreme_tabletxps_7590_firmwarelatitude_7220ex_rugged_extreme_tablet_firmwarexps_7590latitude_7220latitude_7200_2_in_1latitude_5501latitude_5300latitude_7400_firmwareprecision_3540xps_13_9300_firmwarexps_7390_2-in-1latitude_5501_firmwarelatitude_5300_2-in-1latitude_5300_2-in-1_firmwarelatitude_5400Dell Client Consumer and Commercial platforms
CWE ID-CWE-158
Improper Neutralization of Null Byte or NUL Character
CVE-2020-29501
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.03% / 6.63%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstoreemc_powerstore_firmwarePowerStore
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2022-34406
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 8.45%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:00
Updated-26 Feb, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24423
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.85% / 73.98%
||
7 Day CHG~0.00%
Published-21 Apr, 2022 | 20:50
Updated-16 Sep, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to cause resource exhaustion in the webserver, resulting in a denial of service condition.

Action-Not Available
Vendor-Dell Inc.
Product-integrated_dell_remote_access_controller_8_firmwareintegrated_dell_remote_access_controller_8Integrated Dell Remote Access Controller 8
CWE ID-CWE-20
Improper Input Validation
CVE-2024-38303
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 5.45%
||
7 Day CHG~0.00%
Published-29 Aug, 2024 | 04:34
Updated-20 Dec, 2024 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

Action-Not Available
Vendor-Dell Inc.
Product-emc_xc_core_xc740xd_systememc_xc_core_6420_systememc_xc_core_xcxr2poweredge_r440_firmwarepoweredge_m640_\(for_pe_vrtx\)_firmwarepoweredge_xe7420poweredge_mx740c_firmwarepoweredge_m640poweredge_r640_firmwarepoweredge_t440emc_xc_core_xc740xd2_firmwarepoweredge_r940xa_firmwareemc_storage_nx3240dss_8440poweredge_mx840cpoweredge_xe7440_firmwarepoweredge_mx740cpoweredge_t640emc_xc_core_xc640_systememc_storage_nx3340_firmwaredss_8440_firmwarepoweredge_r840_firmwarepoweredge_c4140_firmwarepoweredge_r940poweredge_r540poweredge_m640_\(for_pe_vrtx\)emc_storage_nx3240_firmwarepoweredge_m640_firmwareemc_xc_core_xc940_systempoweredge_mx840c_firmwarepoweredge_r540_firmwarepoweredge_r740xdpoweredge_r740_firmwarepoweredge_r440emc_xc_core_xc940_system_firmwarepoweredge_r740xd2_firmwarepoweredge_xr2_firmwarepoweredge_xe2420poweredge_r940xapoweredge_xe7440poweredge_c6420emc_xc_core_xc740xd_system_firmwarepoweredge_fc640_firmwareemc_storage_nx3340emc_xc_core_6420_system_firmwarepoweredge_xe7420_firmwarepoweredge_t640_firmwarepoweredge_c6420_firmwarepoweredge_r840poweredge_r740xd2poweredge_r640poweredge_fc640poweredge_xe2420_firmwareemc_xc_core_xc640_system_firmwarepoweredge_c4140emc_xc_core_xcxr2_firmwarepoweredge_t440_firmwarepoweredge_r940_firmwarepoweredge_r740xd_firmwareemc_xc_core_xc740xd2poweredge_r740poweredge_xr2PowerEdge Platform
CWE ID-CWE-20
Improper Input Validation
CVE-2016-0889
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-9.8||CRITICAL
EPSS-1.71% / 81.56%
||
7 Day CHG~0.00%
Published-15 Apr, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname.

Action-Not Available
Vendor-n/aDell Inc.
Product-emc_unispheren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-24569
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.62%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 12:57
Updated-24 Mar, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_command_centerAlienware Command Center (AWCC)
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32858
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.16%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 12:48
Updated-24 Sep, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_x17_r1alienware_m17_r4_firmwarealienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960xps_8950alienware_x15_r1_firmwarealienware_x15_r1xps_8960_firmwarealienware_aurora_ryzen_edition_r14inspiron_3502_firmwarealienware_aurora_r13inspiron_15_3521_firmwareinspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2xps_8950_firmwarealienware_x17_r1_firmwarealienware_aurora_r10alienware_x14_firmwarealienware_m15_r3_firmwarealienware_aurora_r10_firmwarealienware_m17_r3_firmwarealienware_x17_r2_firmwarealienware_m15_r4alienware_x14inspiron_3502inspiron_15_3521alienware_m15_r3alienware_aurora_r15_amdalienware_aurora_r11_firmwarealienware_aurora_r11alienware_aurora_r15aurora_r16alienware_aurora_r12inspiron_15_3510_firmwarealienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOSalienware_aurora_r11_firmwarealienware_aurora_r13_firmwarealienware_aurora_r12_firmwarexps_8950_firmwarexps_8960_firmwarealienware_aurora_r15_amd_firmwareinspiron_3502_firmwarealienware_aurora_r15_firmwarealienware_aurora_r14_ryzen_edition_firmwarealienware_aurora_r16_firmwarealienware_aurora_r10_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32859
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.16%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 12:39
Updated-19 Sep, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_x17_r1alienware_m17_r4_firmwarealienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960xps_8950alienware_x15_r1_firmwarealienware_x15_r1xps_8960_firmwarealienware_aurora_ryzen_edition_r14inspiron_3502_firmwarealienware_aurora_r13inspiron_15_3521_firmwareinspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2xps_8950_firmwarealienware_x17_r1_firmwarealienware_aurora_r10alienware_x14_firmwarealienware_m15_r3_firmwarealienware_aurora_r10_firmwarealienware_m17_r3_firmwarealienware_x17_r2_firmwarealienware_m15_r4alienware_x14inspiron_3502inspiron_15_3521alienware_m15_r3alienware_aurora_r15_amdalienware_aurora_r11_firmwarealienware_aurora_r11alienware_aurora_r15aurora_r16alienware_aurora_r12inspiron_15_3510_firmwarealienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOSalienware_aurora_r11_firmwarealienware_aurora_r13_firmwarealienware_aurora_r12_firmwarexps_8950_firmwarexps_8960_firmwarealienware_aurora_r15_amd_firmwareinspiron_3502_firmwarealienware_aurora_r15_firmwarealienware_aurora_r14_ryzen_edition_firmwarealienware_aurora_r16_firmwarealienware_aurora_r10_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32860
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.16%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 13:00
Updated-16 Aug, 2024 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_m17_r4_firmwarealienware_x17_r1alienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960inspiron_15_352_firmwarexps_8950alienware_x15_r1_firmwareinspiron_15_352alienware_x15_r1alienware_aurora_ryzen_edition_r14xps_8960_firmwareinspiron_3502_firmwarealienware_aurora_r13inspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarexps_8950_firmwarealienware_x14_firmwarealienware_m15_r3_firmwarealienware_m17_r3_firmwarealienware_aurora_r11_firmwarealienware_aurora_r15_amdalienware_m15_r3alienware_m15_r4alienware_x14alienware_x17_r2_firmwareinspiron_3502inspiron_15_3510_firmwarealienware_aurora_r15alienware_aurora_r12aurora_r16alienware_aurora_r11alienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOScpg_bios
CWE ID-CWE-20
Improper Input Validation
CVE-2021-21532
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5||MEDIUM
EPSS-0.12% / 31.89%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 21:20
Updated-16 Sep, 2024 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file.

Action-Not Available
Vendor-Dell Inc.
Product-wyse_thinosWyse Proprietary OS (ThinOS)
CWE ID-CWE-16
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2021-21506
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.53% / 66.04%
||
7 Day CHG~0.00%
Published-08 Mar, 2021 | 21:44
Updated-16 Sep, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vulnerability, leading to potential privileges escalation.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-20
Improper Input Validation
CVE-2024-28977
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-3.3||LOW
EPSS-0.06% / 17.39%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 08:08
Updated-21 Jan, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM) repository_manager
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-28976
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.04% / 12.41%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 08:01
Updated-21 Jan, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access to the files stored on the server filesystem with the privileges of the running web application.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM) repository_manager
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-25970
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.09%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 06:53
Updated-09 Jan, 2025 | 15:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an improper input validation vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to loss of integrity.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFSpowerscale_onefs
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6646
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-9.8||CRITICAL
EPSS-3.93% / 87.86%
||
7 Day CHG~0.00%
Published-05 Oct, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class.

Action-Not Available
Vendor-n/aELAN Microelectronics CorporationDell Inc.
Product-solutions_enableremc_unisphereunispheren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34393
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.02% / 4.57%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 05:19
Updated-03 Apr, 2025 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_5515_firmwarevostro_5515_firmwareinspiron_3195_2-in-1_firmwareinspiron_3180vostro_3515_firmwareinspiron_3185_firmwareinspiron_3585inspiron_3185inspiron_5515g5_se_5505inspiron_5415_firmwareinspiron_5405_firmwareinspiron_27_7775_firmwareinspiron_3505_firmwareinspiron_5585inspiron_7375_firmwareinspiron_3275inspiron_3785inspiron_7405_2-in-1_firmwarevostro_5415inspiron_7415_firmwareinspiron_3515inspiron_5415inspiron_3785_firmwareinspiron_7415vostro_3405_firmwarevostro_3515inspiron_3515_firmwareinspiron_3180_firmwareinspiron_3195_2-in-1inspiron_3475inspiron_5505inspiron_3505inspiron_5485_2-in-1_firmwareinspiron_3595inspiron_27_7775inspiron_5505_firmwarevostro_5515inspiron_5485_2-in-1inspiron_3595_firmwareinspiron_7375inspiron_7405_2-in-1inspiron_3585_firmwareinspiron_5485_firmwareg5_se_5505_firmwareinspiron_5585_firmwareinspiron_3275_firmwarevostro_5415_firmwareinspiron_5405inspiron_3475_firmwarevostro_3405inspiron_5485BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34435
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-2.7||LOW
EPSS-0.04% / 8.75%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 11:07
Updated-03 Apr, 2025 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.

Action-Not Available
Vendor-Dell Inc.
Product-idrac9_firmwareidrac9Integrated Dell Remote Access Controller 9
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34460
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.02% / 3.49%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 05:25
Updated-03 Apr, 2025 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_5515_firmwarevostro_5515_firmwareinspiron_3195_2-in-1_firmwareinspiron_3180vostro_3515_firmwareinspiron_3185_firmwareinspiron_3585inspiron_3185inspiron_5515g5_se_5505inspiron_5415_firmwareinspiron_5405_firmwareinspiron_27_7775_firmwareinspiron_3505_firmwareinspiron_5585inspiron_7375_firmwareinspiron_3275inspiron_3785inspiron_7405_2-in-1_firmwarevostro_5415inspiron_7415_firmwareinspiron_3515inspiron_5415inspiron_3785_firmwareinspiron_7415vostro_3405_firmwarevostro_3515inspiron_3515_firmwareinspiron_3180_firmwareinspiron_3195_2-in-1inspiron_3475inspiron_5505inspiron_3505inspiron_5485_2-in-1_firmwareinspiron_3595inspiron_27_7775inspiron_5505_firmwarevostro_5515inspiron_5485_2-in-1inspiron_3595_firmwareinspiron_7375inspiron_7405_2-in-1inspiron_3585_firmwareinspiron_5485_firmwareg5_se_5505_firmwareinspiron_5585_firmwareinspiron_3275_firmwarevostro_5415_firmwareinspiron_5405inspiron_3475_firmwarevostro_3405inspiron_5485BIOS
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found