Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-32472

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-10 Jul, 2024 | 02:32
Updated At-26 Sep, 2024 | 11:57
Rejected At-
Credits

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:10 Jul, 2024 | 02:32
Updated At:26 Sep, 2024 | 11:57
Rejected At:
▼CVE Numbering Authority (CNA)

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.

Affected Products
Vendor
Dell Inc.Dell
Product
PowerSwitch Z9664F-ON BIOS
Default Status
unaffected
Versions
Affected
  • From N/A before v1.05.10 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787: Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787: Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.15.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Version: 3.1
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Dell Technologies would like to thank the BINARLY efiXplorer team for reporting these issues
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
vendor-advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Dell Inc.dell
Product
powerswitch_z9664f_on-bios
CPEs
  • cpe:2.3:a:dell:powerswitch_z9664f_on-bios:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before v1.05.10 (semver)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
vendor-advisory
x_transferred
Hyperlink: https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
Resource:
vendor-advisory
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:10 Jul, 2024 | 03:15
Updated At:26 Sep, 2024 | 12:15

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.2HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Secondary3.15.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
CPE Matches
Dell Inc.
dell
>>edge_gateway_3200_firmware>>-
cpe:2.3:o:dell:edge_gateway_3200_firmware:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>edge_gateway_3200>>-
cpe:2.3:h:dell:edge_gateway_3200:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>edge_gateway_5200_firmware>>Versions before 1.05.10(exclusive)
cpe:2.3:o:dell:edge_gateway_5200_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>edge_gateway_5200>>-
cpe:2.3:h:dell:edge_gateway_5200:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarysecurity_alert@emc.com
CWE-787Secondarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: security_alert@emc.com
CWE ID: CWE-787
Type: Secondary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200security_alert@emc.com
Vendor Advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
Source: security_alert@emc.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

108Records found
CVE-2022-34401
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 6.00%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 05:51
Updated-03 Apr, 2025 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-g15_5525_firmwarealienware_m17_r5_firmwarealienware_m15_a6_firmwareg15_5525alienware_m15_a6alienware_m17_r5CPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34424
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.32%
||
7 Day CHG~0.00%
Published-28 Sep, 2022 | 20:30
Updated-20 May, 2025 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10Dell Networking OS10
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-31226
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.1||HIGH
EPSS-0.11% / 29.81%
||
7 Day CHG~0.00%
Published-12 Sep, 2022 | 18:35
Updated-16 Sep, 2024 | 23:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.

Action-Not Available
Vendor-Dell Inc.
Product-precision_3660_towerinspiron_16_plus_7620_firmwareinspiron_7420xps_17_9720_firmwareinspiron_5620optiplex_7400vostro_3910optiplex_7000vostro_7620_firmwareinspiron_7420_firmwareoptiplex_5000_firmwareprecision_3660_tower_firmwareoptiplex_7000_oemoptiplex_5000inspiron_7620_firmwarechengming_3900optiplex_3000inspiron_5420chengming_3900_firmwarexps_17_9720vostro_3910_firmwareprecision_5770inspiron_16_plus_7620inspiron_14_plus_7420vostro_3710_firmwarevostro_5320vostro_5620_firmwarevostro_7620optiplex_3000_thin_clientinspiron_5620_firmwareoptiplex_5400inspiron_5320_firmwarevostro_5620precision_5770_firmwareinspiron_14_plus_7420_firmwareoptiplex_5400_firmwareoptiplex_3000_thin_client_firmwareoptiplex_3000_firmwareoptiplex_7000_firmwareinspiron_5320inspiron_3910vostro_3710vostro_5320_firmwareoptiplex_7400_firmwareinspiron_3910_firmwareinspiron_5420_firmwareprecision_3460_small_form_factor_firmwareoptiplex_7000_oem_firmwareprecision_3460_small_form_factorinspiron_7620CPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32493
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.21%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-30102
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.26%
||
7 Day CHG~0.00%
Published-08 May, 2025 | 17:40
Updated-16 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26860
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.02% / 3.60%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 20:15
Updated-17 Sep, 2024 | 04:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareoptiplex_7770_all-in-onexps_15_9510_firmwareinspiron_3470latitude_e7270inspiron_7300_firmwarelatitude_3520vostro_3468precision_3561_firmwareinspiron_7570vostro_3669xps_17_9710_firmwareg5_15_5587inspiron_5590_firmwareprecision_7560g7_17_7790_firmwarelatitude_5179latitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070latitude_9420inspiron_5490_firmwarelatitude_5590optiplex_5080inspiron_5502latitude_5511latitude_7390_2-in-1inspiron_7501precision_5530_2-in-1inspiron_7300_2-in-1precision_5550xps_17_9700inspiron_7580_firmwareprecision_7720vostro_5581_firmwarelatitude_5300vostro_3400latitude_3380_firmwareoptiplex_7760_aiog3_3500precision_5530_firmwareoptiplex_5040vostro_15_7580optiplex_5050latitude_7320latitude_3470inspiron_15_gaming_7577latitude_7300optiplex_7090optiplex_3050_aioprecision_3620_towervostro_5468g7_17_7700_firmwarexps_13_9360optiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_5490_aio_firmwareinspiron_7000latitude_3420latitude_3590_firmwarelatitude_7490_firmwarevostro_5491_firmwareprecision_5520latitude_5310_2-in-1_firmwareinspiron_7490_firmwareinspiron_5409latitude_7400latitude_5591optiplex_5270_all-in-one_firmwareinspiron_3471inspiron_3511_firmwarelatitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwarelatitude_5175_firmwareinspiron_7586optiplex_3040_firmwarelatitude_3400optiplex_5070latitude_3420_firmwareg5_5000inspiron_13_5378_firmwarexps_15_9575_2-in-1inspiron_5491_2-in-1_firmwarelatitude_7285_firmwareoptiplex_3090_firmwareoptiplex_3240_all-in-onexps_13_9370_firmwarevostro_3581_firmwareinspiron_7506_2-in-1_firmwarelatitude_7320_detachable_firmwarevostro_3581latitude_9410optiplex_7070latitude_3570optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwareinspiron_15_5578_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedoptiplex_7090_ultra_firmwarevostro_3268_firmwarevostro_3660inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletprecision_3450inspiron_5510latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarevostro_3568latitude_e5470_firmwarevostro_5591vostro_5090precision_5560latitude_3190vostro_5370latitude_7220ex_rugged_extreme_tablet_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_5521vostro_3478latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540inspiron_3910inspiron_7510_firmwareinspiron_3580_firmwarelatitude_7520inspiron_3781_firmwarevostro_5370_firmwarewyse_5070_firmwarevostro_3670_firmwareinspiron_15_gaming_7577_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520vostro_3660_firmwarewyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290vostro_5410latitude_7212_rugged_extreme_tablet_firmwareinspiron_5402precision_7540_firmwareinspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881vostro_5401edge_gateway_5000_firmwareinspiron_5593wyse_5470_firmwarelatitude_5420_firmwareprecision_3561inspiron_7580vostro_5390_firmwareinspiron_5770latitude_3580vostro_5300precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwarevostro_5301xps_15_9510inspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarealienware_m15_r6_firmwareoptiplex_5270_all-in-oneinspiron_5410_2-in-1optiplex_xe3vostro_3584precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwarelatitude_5491latitude_9520_firmwareprecision_5560_firmwarevostro_5468_firmwarevostro_3690_firmwareoptiplex_7040inspiron_7386latitude_5520_firmwareoptiplex_5090optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_7280latitude_5400latitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551vostro_5491precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwareinspiron_7610latitude_7275_2-in-1_firmwarevostro_5301_firmwareg7_17_7790vostro_5890embedded_box_pc_3000inspiron_5400_2-in-1latitude_7285inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7610_firmwareoptiplex_7770_all-in-one_firmwareinspiron_5400_2-in-1_firmwareinspiron_7391vostro_3671_firmwareprecision_3440vostro_5402optiplex_7090_ultrag5_5000_firmwareoptiplex_7470_all-in-oneoptiplex_7460_firmwareoptiplex_5250_firmwareinspiron_3576inspiron_3671_firmwareinspiron_7500_2-in-1_firmwareinspiron_5510_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwarevostro_15_7580_firmwarelatitude_7214inspiron_3781vostro_3690inspiron_3576_firmwareinspiron_5300_firmwareg7_7588_firmwarelatitude_3570_firmwareoptiplex_3050_firmwareoptiplex_7490_all-in-onevostro_7500inspiron_7590_firmwareinspiron_7791_firmwarevostro_3568_firmwareprecision_7740_firmwareinspiron_15_3567latitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareprecision_3530g7_7588latitude_5411_firmwarelatitude_3510_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultrainspiron_5370precision_7740xps_13_9365inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareoptiplex_7440_aioinspiron_15_5579_firmwareinspiron_7306_2-in-1xps_13_9310_firmwareinspiron_3790_firmwarelatitude_9510optiplex_3280_all-in-oneinspiron_5770_firmwareinspiron_7586_firmwareprecision_5760_firmwarelatitude_3180_firmwarevostro_3681_firmwarevostro_3580_firmwareinspiron_3581_firmwareinspiron_17_7773latitude_9510_firmwarevostro_5890_firmwareinspiron_3910_firmwareinspiron_5406_2-in-1optiplex_5490_aio_firmwareprecision_7760_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwareinspiron_3511vostro_3668xps_13_9305_firmwareinspiron_5410latitude_7280_firmwarevostro_5502vostro_3670edge_gateway_3000latitude_5280latitude_5179_firmwareoptiplex_7780_all-in-oneinspiron_5490inspiron_15_5578inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareprecision_3930_rackprecision_7550vostro_3490inspiron_5391g5_15_5590_firmwareinspiron_5598latitude_5320_firmwarexps_7590_firmwareoptiplex_3080latitude_3480precision_5750latitude_rugged_5430vostro_3671inspiron_7591latitude_7310inspiron_7790latitude_5421_firmwareinspiron_7500inspiron_7790_firmwareg15_5511latitude_3379precision_5760vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwarevostro_3478_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwarevostro_3400_firmwarevostro_5310_firmwareoptiplex_7060latitude_5290_firmwarelatitude_7424_rugged_extremeinspiron_13_5379_firmwareoptiplex_7480_all-in-one_firmwareg5_5090_firmwareoptiplex_3240_all-in-one_firmwarelatitude_7390vostro_3500g3_15_3590latitude_3390_firmwareprecision_3240_compactinspiron_14_3476precision_7750_firmwarelatitude_3520_firmwarelatitude_5285_2-in-1_firmwareinspiron_5490_aiovostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwareprecision_3510_firmwareinspiron_7400inspiron_7370_firmwareprecision_3650_tower_firmwarelatitude_7389_firmwareinspiron_7500_2-in-1optiplex_7470_all-in-one_firmwarevostro_3510latitude_e7470precision_3630_tower_firmwareoptiplex_5040_firmwarexps_13_9310_2-in-1inspiron_3581inspiron_13_7378vostro_5568inspiron_5400_firmwareinspiron_15_5566_firmwarelatitude_5424_ruggedlatitude_5488_firmwareinspiron_5583inspiron_7500_firmwareprecision_3541_firmwareinspiron_5591_2-in-1g5_5500g5_15_5587_firmwareinspiron_15_7572inspiron_7506_2-in-1vostro_5568_firmwareg7_7500precision_3650_towerinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwarevostro_3881_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550inspiron_3891_firmwarelatitude_7370_firmwarelatitude_7370optiplex_3090_ultra_firmwarelatitude_7420_firmwareoptiplex_5070_firmwareinspiron_5501vostro_5501_firmwarelatitude_3310_2-in-1inspiron_5390_firmwareoptiplex_3090_ultralatitude_5490vostro_3070_firmwareinspiron_7390_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_3891inspiron_7786vostro_5310xps_13_9305latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180inspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwarelatitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_7090_firmwareoptiplex_3070_firmwareg15_5511_firmwarelatitude_7410_firmwarevostro_3667latitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1vostro_3910inspiron_5491_aioinspiron_13_5378inspiron_3780inspiron_7380_firmwareg5_5500_firmwarelatitude_rugged_7330_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarelatitude_3400_firmwarevostro_3890latitude_3510precision_3560_firmwareinspiron_5584precision_3520inspiron_17_7773_firmwareinspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570vostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5501_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471xps_17_9700_firmwareinspiron_3480_firmwareoptiplex_5060_firmwarevostro_3590vostro_5390vostro_3578vostro_5590_firmwarelatitude_3470_firmwareprecision_7530_firmwareinspiron_3790vostro_3583_firmwareinspiron_15_5566latitude_3190_firmwareinspiron_5494xps_15_9500latitude_5500inspiron_15_5582inspiron_5508_firmwareprecision_7550_firmwarelatitude_3500_firmwarechengming_3991latitude_5288_firmwareinspiron_7501_firmwareinspiron_5480optiplex_7760_aio_firmwareg15_5510_firmwarevostro_7510_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwarevostro_7510inspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501precision_3450_firmwareinspiron_7472_firmwarechengming_3990inspiron_5301vostro_3583latitude_5491_firmwarevostro_5880_firmwarexps_17_9710inspiron_3493precision_5750_firmwarelatitude_7214_firmwarexps_13_9365_firmwareoptiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarelatitude_3410_firmwarelatitude_5520inspiron_7510vostro_5481wyse_5470_all-in-oneinspiron_7400_firmwareprecision_3530_firmwarelatitude_3320inspiron_5583_firmwarexps_13_9310_2-in-1_firmwarelatitude_5580_firmwarelatitude_3189inspiron_5410_2-in-1_firmwarexps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_7472latitude_5175inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarelatitude_3320_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080vostro_3578_firmwareg15_5510vostro_7500_firmwarelatitude_5480inspiron_5310vostro_5510_firmwarevostro_5471_firmwareinspiron_14_3476_firmwareoptiplex_3046vostro_3468_firmwarelatitude_5414_rugged_firmwarelatitude_5424_rugged_firmwarelatitude_rugged_7330inspiron_15_5582_firmwarelatitude_7300_firmwarelatitude_5421latitude_9420_firmwarelatitude_5510g7_17_7700inspiron_5401_aio_firmwarevostro_5300_firmwarewyse_5470optiplex_5090_firmwarevostro_3501_firmwareinspiron_3593_firmwareoptiplex_7780_all-in-one_firmwarevostro_3710_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarexps_27_7760inspiron_7786_firmwarelatitude_3310_2-in-1_firmwareinspiron_15_5579latitude_5320latitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_27_7760_firmwareoptiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411precision_7760optiplex_7450_firmwareinspiron_7306_2-in-1_firmwareoptiplex_7450vostro_3500_firmwareoptiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwarelatitude_7320_detachableinspiron_5509latitude_3480_firmwarelatitude_3189_firmwarelatitude_9520xps_13_9360_firmwarevostro_3590_firmwareinspiron_5406_2-in-1_firmwareinspiron_5498optiplex_7440_aio_firmwarelatitude_7420inspiron_7591_firmwarelatitude_5290inspiron_5300inspiron_7706_2-in-1inspiron_5508latitude_5289_firmwareprecision_5550_firmwarechengming_3980_firmwareinspiron_5491_2-in-1g7_7500_firmwarelatitude_3120_firmwarelatitude_5590_firmwareinspiron_15_7572_firmwareinspiron_5590vostro_5481_firmwarevostro_5490inspiron_5301_firmwarevostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5408_firmwareinspiron_5498_firmwareprecision_5540vostro_5490_firmwareinspiron_3480latitude_7520_firmwarelatitude_3490precision_3930_rack_firmwarevostro_3710inspiron_3670latitude_5420inspiron_7300inspiron_3793_firmwareinspiron_5402_firmwareinspiron_7390precision_3430_tower_firmwareprecision_7560_firmwarelatitude_3300_firmwarevostro_5471latitude_7400_2-in-1precision_3640_towervostro_5510inspiron_3490vostro_5581latitude_7210_2-in-1_firmwarelatitude_rugged_5430_firmwarexps_13_9310latitude_5510_firmwarevostro_3510_firmwareinspiron_3670_firmwarevostro_15_7570inspiron_5410_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwareinspiron_5408latitude_7220_rugged_extreme_tablet_firmwarevostro_5410_firmwarevostro_5502_firmwareprecision_3540_firmwareoptiplex_3046_firmwarelatitude_3380latitude_5289g3_3500_firmwareprecision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwarelatitude_3410precision_5510_firmwarevostro_5402_firmwareprecision_3420_towerg5_15_5590optiplex_7490_all-in-one_firmwareinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarelatitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarelatitude_3500vostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarealienware_m15_r6precision_5520_firmwarevostro_3890_firmwareoptiplex_5490_aiochengming_3988xps_15_7590latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareprecision_5540_firmwareinspiron_5401_firmwareinspiron_7573vostro_5501vostro_5590xps_8940_firmwarelatitude_7320_firmwarelatitude_3120vostro_3480precision_3560inspiron_5401_aiooptiplex_5260_all-in-one_firmwareinspiron_5509_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedoptiplex_3070inspiron_13_7378_firmwareoptiplex_3040vostro_3910_firmwarelatitude_7290_firmwareprecision_7530inspiron_5370_firmwareinspiron_5391_firmwareinspiron_5502_firmwareoptiplex_7460xps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareinspiron_5409_firmwareprecision_3510xps_13_9380_firmwareinspiron_13_5379inspiron_5390latitude_5288latitude_7490optiplex_7060_firmwareprecision_3240_compact_firmwarelatitude_5521_firmwareinspiron_5401optiplex_5250vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwarevostro_15_7570_firmwareCPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-26336
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.3||HIGH
EPSS-0.06% / 19.14%
||
7 Day CHG~0.00%
Published-21 Mar, 2025 | 02:23
Updated-27 Mar, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.

Action-Not Available
Vendor-Dell Inc.
Product-chassis_management_controller_for_poweredge_fx2chassis_management_controller_for_poweredge_vrtx_firmwarechassis_management_controller_for_poweredge_fx2_firmwarechassis_management_controller_for_poweredge_vrtxDell Chassis Management Controller (CMC) for PowerEdge VRTXDell Chassis Management Controller (CMC) for Dell PowerEdge FX2
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-26479
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-3.1||LOW
EPSS-0.06% / 17.07%
||
7 Day CHG~0.00%
Published-10 Apr, 2025 | 02:32
Updated-15 Jul, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-25050
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.02% / 3.39%
||
7 Day CHG~0.00%
Published-13 Jun, 2025 | 21:03
Updated-17 Jun, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dell ControlVault3/ControlVault3 Plus cv_upgrade_sensor_firmware out-of-bounds write vulnerability

An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to trigger this vulnerability.

Action-Not Available
Vendor-Dell Inc.Broadcom Inc.
Product-ControlVault3ControlVault3 PlusBCM5820X
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21573
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.05% / 13.28%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 17:00
Updated-17 Sep, 2024 | 01:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

Action-Not Available
Vendor-Dell Inc.
Product-optiplex_7090_uffxps_15_9510_firmwareinspiron_7500_firmwareinspiron_7300_firmwarelatitude_3520g5_5500precision_17_m5750_firmwareprecision_3561_firmwarexps_17_9710_firmwareg7_7500precision_7560vostro_3881_firmwarelatitude_5511_firmwareprecision_3550inspiron_3891_firmwarevostro_3888vostro_3888_firmwarelatitude_7420_firmwareinspiron_5501vostro_5501_firmwarelatitude_9420optiplex_5090_tower_firmwareprecision_3650_mt_firmwareoptiplex_5080inspiron_5400_aioinspiron_5502latitude_5511inspiron_7501precision_5550inspiron_7300_2-in-1xps_17_9700vostro_3400inspiron_3891xps_13_9305vostro_5310g3_3500latitude_9410_firmwareinspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwareg15_5511_firmwarelatitude_7410_firmwarelatitude_7320latitude_5310_2-in-1optiplex_7090_tower_firmwarelatitude_3420inspiron_15_7510_firmwareinspiron_14_5418_firmwareg5_5500_firmwareinspiron_7506_firmwarelatitude_5410_firmwarelatitude_5310_2-in-1_firmwareinspiron_5409vostro_3890latitude_3510precision_3560_firmwarevostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5406_2n1inspiron_5501_firmwareoptiplex_5080_firmwarexps_17_9700_firmwareinspiron_15_7510latitude_3420_firmwarevostro_14_5410latitude_7320_detachable_firmwarelatitude_9410optiplex_7080_firmwarelatitude_5310xps_15_9500inspiron_5508_firmwareprecision_3450precision_7550_firmwareoptiplex_7090_uff_firmwarechengming_3991precision_5560inspiron_5400_aio_firmwareinspiron_7501_firmwareg15_5510_firmwareinspiron_3881_firmwarelatitude_5521precision_17_m5750vostro_3501latitude_7520vostro_15_5510inspiron_5406_2n1_firmwareprecision_3450_firmwarechengming_3990inspiron_5301g7_7700_firmwareoptiplex_7090_towervostro_5880_firmwarexps_17_9710inspiron_5402inspiron_7700_aiovostro_3881vostro_5401latitude_5420_firmwareprecision_3561latitude_5520latitude_3410_firmwarevostro_5300inspiron_7400_firmwarelatitude_3320vostro_5301precision_3650_mtxps_15_9510latitude_7210_2-in-1inspiron_5410_2-in-1_firmwarevostro_5880precision_7750alienware_m15_r6_firmwareinspiron_5410_2-in-1latitude_3320_firmwarelatitude_9520_firmwareprecision_5560_firmwarevostro_3690_firmwareoptiplex_7080g15_5510latitude_5520_firmwareinspiron_15_5518vostro_7500_firmwarelatitude_5410inspiron_5310precision_3551latitude_5320_2-in-1_firmwareinspiron_7610vostro_5301_firmwarelatitude_5421vostro_5890latitude_9420_firmwarexps_13_2in1_9310latitude_5510inspiron_5400_2-in-1inspiron_5401_aio_firmwareinspiron_7610_firmwarelatitude_5320_2-in-1vostro_5300_firmwarevostro_3501_firmwareinspiron_5400_2-in-1_firmwareoptiplex_7780_all-in-one_firmwareprecision_3440xps_13_2in1_9310_firmwareprecision_3440_firmwarevostro_5402precision_3640_firmwareinspiron_7500_2-in-1_firmwarelatitude_5320precision_3550_firmwarelatitude_7410vostro_3690optiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411inspiron_5300_firmwareprecision_7760vostro_7500optiplex_7490_all-in-oneinspiron_7306_2-in-1_firmwarevostro_3500_firmwarelatitude_7320_detachablelatitude_9520inspiron_5509optiplex_3090_uffoptiplex_5090_towervostro_3681latitude_7420inspiron_5300inspiron_7706_2-in-1inspiron_5508precision_5550_firmwarevostro_15_7510g7_7500_firmwarelatitude_5411_firmwarelatitude_3120_firmwarelatitude_3510_firmwareinspiron_15_5518_firmwareinspiron_5301_firmwareinspiron_5408_firmwarelatitude_7310_firmwareinspiron_7306_2-in-1xps_13_9310_firmwarelatitude_9510optiplex_3280_all-in-onelatitude_7520_firmwareprecision_5760_firmwarelatitude_5420inspiron_7300inspiron_5402_firmwarevostro_3681_firmwareprecision_7560_firmwarevostro_5890_firmwarelatitude_9510_firmwareoptiplex_5490_aio_firmwareprecision_7760_firmwarexps_13_9305_firmwarelatitude_7210_2-in-1_firmwarexps_13_9310vostro_15_7510_firmwarelatitude_5510_firmwareg7_7700vostro_5502inspiron_7506optiplex_7780_all-in-oneinspiron_5408inspiron_3501_firmwarevostro_5502_firmwareinspiron_3880g3_3500_firmwareoptiplex_3080_firmwarelatitude_3410precision_7550vostro_5402_firmwareoptiplex_7490_all-in-one_firmwareinspiron_3881vostro_14_5410_firmwarelatitude_5320_firmwareoptiplex_3080inspiron_3501latitude_5310_firmwarealienware_m15_r6vostro_3890_firmwareoptiplex_5490_aiolatitude_7310latitude_5421_firmwareinspiron_7500g15_5511optiplex_3090_uff_firmwareprecision_5760inspiron_5401_firmwarevostro_15_5510_firmwarevostro_5501optiplex_7480_all-in-onechengming_3990_firmwarelatitude_7320_firmwarelatitude_3120precision_3560inspiron_5401_aioprecision_3551_firmwareprecision_3640inspiron_7700_aio_firmwarevostro_3400_firmwarevostro_5310_firmwareinspiron_5509_firmwareoptiplex_7480_all-in-one_firmwarevostro_3500precision_7750_firmwareinspiron_5502_firmwarelatitude_3520_firmwarechengming_3991_firmwareinspiron_14_5418inspiron_5409_firmwareinspiron_7400inspiron_7500_2-in-1latitude_5521_firmwareinspiron_5401BIOSConnect
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21554
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.1||MEDIUM
EPSS-0.05% / 14.69%
||
7 Day CHG~0.00%
Published-14 Jun, 2021 | 19:10
Updated-16 Sep, 2024 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_r740_firmwarepoweredge_r940xapoweredge_mx740c_firmwareprecision_7920_firmwarepoweredge_r640_firmwareprecision_7920poweredge_r940xa_firmwarepoweredge_r640poweredge_r840poweredge_mx840cpoweredge_mx740cpoweredge_r940_firmwarepoweredge_r840_firmwarepoweredge_r740xd_firmwarepoweredge_r940poweredge_r740poweredge_mx840c_firmwarepoweredge_r740xdPowerEdge BIOS Intel 15G
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-44305
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.1||HIGH
EPSS-5.16% / 89.50%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 08:25
Updated-02 Aug, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.

Action-Not Available
Vendor-Dell Inc.
Product-dm5500_firmwaredm5500Dell PowerProtect Data Manager DM5500 Appliance
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-28970
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.7||MEDIUM
EPSS-0.04% / 12.66%
||
7 Day CHG~0.00%
Published-12 Jun, 2024 | 06:51
Updated-18 Sep, 2024 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-g7_7700_firmwareprecision_3660precision_3660_firmwareinspiron_5509inspiron_5502inspiron_5502_firmwarevostro_5502g7_7700vostro_5402inspiron_14_plus_7440_firmwareinspiron_5402inspiron_16_plus_7640_firmwareinspiron_5409_firmwarevostro_5502_firmwareinspiron_5509_firmwareinspiron_27_7720_all-in-one_firmwareg7_7500inspiron_27_7720_all-in-oneg7_7500_firmwareinspiron_5409inspiron_5402_firmwareinspiron_24_5420_all-in-one_firmwareinspiron_24_5420_all-in-oneinspiron_16_7640_2-in-1_firmwareinspiron_16_plus_7640vostro_5402_firmwareinspiron_16_7640_2-in-1inspiron_14_plus_7440CPG BIOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-38490
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.8||MEDIUM
EPSS-0.03% / 5.45%
||
7 Day CHG~0.00%
Published-01 Aug, 2024 | 07:19
Updated-02 Aug, 2024 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module version 5.3.0.0 and prior, contain a Out of bound Write Vulnerability. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)emc_idrac_service_module
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21540
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.9||MEDIUM
EPSS-0.38% / 58.46%
||
7 Day CHG~0.00%
Published-30 Apr, 2021 | 20:55
Updated-16 Sep, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a stack-based overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability to overwrite configuration information by injecting arbitrarily large payload.

Action-Not Available
Vendor-Dell Inc.
Product-idrac9_firmwareIntegrated Dell Remote Access Controller (iDRAC)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21555
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.1||MEDIUM
EPSS-0.15% / 36.32%
||
7 Day CHG~0.00%
Published-14 Jun, 2021 | 19:10
Updated-16 Sep, 2024 | 22:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_r740_firmwarepoweredge_r940xapoweredge_mx740c_firmwarepoweredge_r640_firmwarepoweredge_r940xa_firmwarepoweredge_r640poweredge_t640_firmwarepoweredge_r840poweredge_mx840cpoweredge_t640poweredge_mx740cpoweredge_r940_firmwarepoweredge_r840_firmwarepoweredge_r740xd_firmwarepoweredge_r940poweredge_r740poweredge_mx840c_firmwarepoweredge_r740xdPowerEdge BIOS Intel 15G
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21556
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.1||MEDIUM
EPSS-0.05% / 14.69%
||
7 Day CHG~0.00%
Published-14 Jun, 2021 | 19:10
Updated-17 Sep, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_r740_firmwarepoweredge_r940xapoweredge_mx740c_firmwarepoweredge_r640_firmwarepoweredge_r940xa_firmwarepoweredge_r640poweredge_t640_firmwarepoweredge_r840poweredge_mx840cpoweredge_t640poweredge_mx740cpoweredge_r940_firmwarepoweredge_r840_firmwarepoweredge_r740xd_firmwarepoweredge_r940poweredge_r740poweredge_mx840c_firmwarepoweredge_r740xdPowerEdge BIOS Intel 15G
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-45969
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 14.62%
||
7 Day CHG~0.00%
Published-05 Jan, 2022 | 23:00
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location).

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-insydeh2on/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-45970
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.57%
||
7 Day CHG-0.01%
Published-05 Jan, 2022 | 22:59
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the status code saved at the CommBuffer+4 location).

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-insydeh2on/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43615
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.14% / 35.04%
||
7 Day CHG~0.00%
Published-03 Feb, 2022 | 01:09
Updated-04 Aug, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in HddPassword in Insyde InsydeH2O with kernel 5.1 before 05.16.23, 5.2 before 05.26.23, 5.3 before 05.35.23, 5.4 before 05.43.22, and 5.5 before 05.51.22. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-insydeh2on/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-42554
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 13.88%
||
7 Day CHG~0.00%
Published-03 Feb, 2022 | 01:40
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. An SMM memory corruption vulnerability in FvbServicesRuntimeDxe allows a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)Siemens AG
Product-simatic_ipc127e_firmwaresimatic_ipc477e_firmwaresimatic_ipc427e_firmwaresimatic_ipc847esimatic_ipc377gsimatic_ipc427esimatic_field_pg_m6insydeh2osimatic_ipc227gsimatic_ipc677esimatic_field_pg_m5_firmwaresimatic_ipc677e_firmwaresimatic_ipc277g_firmwaresimatic_ipc227g_firmwaresimatic_ipc127esimatic_ipc647e_firmwaresimatic_ipc277gsimatic_itp1000_firmwareruggedcom_ape1808simatic_ipc627e_firmwaresimatic_ipc477esimatic_field_pg_m6_firmwaresimatic_ipc627esimatic_ipc847e_firmwareruggedcom_ape1808_firmwaresimatic_field_pg_m5simatic_itp1000simatic_ipc647esimatic_ipc327gsimatic_ipc377g_firmwaresimatic_ipc327g_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-45971
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 14.62%
||
7 Day CHG~0.00%
Published-05 Jan, 2022 | 23:09
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (CommBufferData).

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-insydeh2on/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3546
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.07% / 22.31%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 13:30
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemuQEMU
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-32668
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.43%
||
7 Day CHG~0.00%
Published-05 Sep, 2024 | 04:42
Updated-20 Sep, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
bhyve(8) privileged guest escape via USB controller

An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.

Action-Not Available
Vendor-FreeBSD Foundation
Product-freebsdFreeBSDfreebsd
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-193
Off-by-one Error
CVE-2021-26344
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.2||HIGH
EPSS-0.03% / 7.07%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 16:49
Updated-18 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7303epyc_7f32epyc_7272_firmwareepyc_7313pepyc_7402p_firmwareepyc_7663_firmwareepyc_7301epyc_7662_firmwareepyc_7203pepyc_7313p_firmwareepyc_7551_firmwareepyc_7232p_firmwareepyc_7443pepyc_7203epyc_7551pepyc_7252_firmwareepyc_7742epyc_7262epyc_7663epyc_7371_firmwareepyc_7713epyc_7351p_firmwareepyc_7262_firmwareepyc_7501epyc_7552epyc_7451_firmwareepyc_7773x_firmwareepyc_7302p_firmwareepyc_72f3_firmwareepyc_7543pepyc_7573x_firmwareepyc_7702p_firmwareepyc_7702pepyc_7702_firmwareepyc_7502epyc_7513_firmwareepyc_7763epyc_7h12_firmwareepyc_7281epyc_7543_firmwareepyc_7001_firmwareepyc_7473xepyc_75f3epyc_74f3epyc_7303pepyc_7502p_firmwareepyc_7302pepyc_72f3epyc_7552_firmwareepyc_7272epyc_7453_firmwareepyc_7713p_firmwareepyc_74f3_firmwareepyc_7282_firmwareepyc_7473x_firmwareepyc_7281_firmwareepyc_7001epyc_7642_firmwareepyc_7f72_firmwareepyc_7401epyc_7f52_firmwareepyc_7f72epyc_7502pepyc_7551p_firmwareepyc_7371epyc_7663pepyc_7343epyc_7313epyc_7402_firmwareepyc_7402pepyc_7542_firmwareepyc_7742_firmwareepyc_7413_firmwareepyc_7643_firmwareepyc_7261epyc_7452_firmwareepyc_7642epyc_7401_firmwareepyc_7f32_firmwareepyc_7203p_firmwareepyc_7543p_firmwareepyc_7601epyc_7251epyc_7352_firmwareepyc_7763_firmwareepyc_7252epyc_7232pepyc_7543epyc_7301_firmwareepyc_7713_firmwareepyc_7643epyc_7663p_firmwareepyc_7662epyc_7351epyc_7502_firmwareepyc_7532epyc_7501_firmwareepyc_7343_firmwareepyc_7643pepyc_7702epyc_7573xepyc_7302epyc_7513epyc_7303_firmwareepyc_7401p_firmwareepyc_7413epyc_7453epyc_7443p_firmwareepyc_7251_firmwareepyc_75f3_firmwareepyc_7h12epyc_7282epyc_7373x_firmwareepyc_7551epyc_7443epyc_7203_firmwareepyc_7402epyc_7313_firmwareepyc_7601_firmwareepyc_7643p_firmwareepyc_7542epyc_7452epyc_7352epyc_7261_firmwareepyc_7451epyc_7351_firmwareepyc_7773xepyc_7373xepyc_7532_firmwareepyc_73f3epyc_7713pepyc_7401pepyc_7f52epyc_7302_firmwareepyc_73f3_firmwareepyc_7443_firmwareepyc_7303p_firmwareepyc_7351pAMD Athlon™ 3000 Series Desktop Processors with Radeon™ GraphicsAMD Ryzen™ Threadripper™ 3000 Series ProcessorsAMD EPYC™ 7002 Series ProcessorsAMD Ryzen™ 4000 Series Desktop Processors with Radeon™ GraphicsAMD EPYC™ Embedded 7003 Series ProcessorsAMD Ryzen™ Embedded V2000 Series ProcessorsAMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsAMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsAMD Ryzen™ Embedded R1000 Series ProcessorsAMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsAMD Ryzen™ Embedded V1000 Series ProcessorsAMD EPYC™ 7001 Series ProcessorsAMD Ryzen™ 5000 Series Desktop ProcessorsAMD Ryzen™ 3000 Series Processors with Radeon™ GraphicsAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsAMD Ryzen™ 5000 Series Desktop Processor with Radeon™ GraphicsAMD Ryzen™ 5000 Series Processors with Radeon™ GraphicsAMD EPYC™ Embedded 7002 Series ProcessorsAMD EPYC™ Embedded 3000 Series ProcessorsAMD EPYC™ 7003 Series ProcessorsAMD Ryzen™ Embedded R2000 Series ProcessorsAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD Ryzen™ 3000 Series Desktop ProcessorsAMD Ryzen™ Embedded 5000 Series ProcessorsAMD Ryzen™ Threadripper™ PRO 5000WX ProcessorsAMD Ryzen™ Embedded V3000 Series Processorsmilanpinaplespiromepi
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-12668
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-8.2||HIGH
EPSS-0.03% / 7.05%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 14:56
Updated-16 Dec, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Velocidex WinPmem Out of Bounds Write Vulnerability

Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the location in memory for the g_CiOptions global symbol. This can be leveraged to disable signed driver enforcement on the target system - allowing attackers to load unsigned drivers.

Action-Not Available
Vendor-Velocidex
Product-WinPmem
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-20233
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.29% / 51.72%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 16:44
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aRed Hat, Inc.NetApp, Inc.GNUFedora Project
Product-enterprise_linux_server_eusontap_select_deploy_administration_utilityenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxfedoraenterprise_linux_server_tusgrub2grub2
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2867
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.2||HIGH
EPSS-0.08% / 25.25%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-15 Oct, 2024 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-22254
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-7.9||HIGH
EPSS-0.32% / 54.21%
||
7 Day CHG~0.00%
Published-05 Mar, 2024 | 17:58
Updated-07 May, 2025 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds write vulnerability

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.

Action-Not Available
Vendor-n/aBroadcom Inc.VMware (Broadcom Inc.)
Product-esxicloud_foundationVMware ESXiVMware Cloud Foundationvmware_esxivmware_cloud_foundation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28545
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.08%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS

Memory corruption in TZ Secure OS while loading an app ELF.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwaresw5100pvision_intelligence_300_platformsd865_5gqca6595wcd9335wcd9370qca8081_firmwaresnapdragon_x50_5g_modem-rf_systemqca4004qca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700qca9984_firmwaresnapdragon_768g_5g_mobile_platform_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395snapdragon_460_mobile_platform9205_lte_modemqca6574au_firmwaresnapdragon_8cx_gen_3_compute_platform_firmwareqcn7606_firmwareqam8295pwcd9341qca6574auwcd9390wsa8810_firmwarewsa8845h_firmwarecsra6640snapdragon_8cx_gen_2_5g_compute_platformsa9000p_firmwaresrv1hfastconnect_6800_firmwareqcn6024_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platformssg2115pqcc710snapdragon_850_mobile_compute_platformsnapdragon_8cx_compute_platform_firmwaresa8540psnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqsm8250_firmwareqsm8350_firmwarerobotics_rb3_platform315_5g_iot_modem_firmwarefastconnect_6900snapdragon_765g_5g_mobile_platformqru1032_firmwareqfw7114wcd9385_firmwareqca6421315_5g_iot_modemsnapdragon_x55_5g_modem-rf_systemqca6310qam8255p_firmwaresa8155_firmwarewcd9360snapdragon_888_5g_mobile_platform_firmwaresnapdragon_wear_1300_platform_firmwareqca6335snapdragon_ar2_gen_1_platform_firmwareqcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_685_4g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6421_firmwareqca6564au_firmwaresnapdragon_768g_5g_mobile_platformwsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwareqsm8250snapdragon_8\+_gen_2_mobile_platformsrv1h_firmwareqca6595ausm7315_firmwareqdu1010wcd9326_firmwaresa6155p_firmwarewsa8840qcs8550_firmwareqdu1210_firmwaresnapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6436_firmwareqcn9012snapdragon_8\+_gen_1_mobile_platformqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformwcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresnapdragon_855\+\/860_mobile_platform_firmwareqca6420wcn3910wcd9370_firmwaresnapdragon_x70_modem-rf_system_firmwaresnapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqdu1110_firmwareqdu1000qca6574aqca6174awcd9340qcs8250_firmwareqcm2290qdu1210qca6335_firmwareqcm6490sa8540p_firmwaresm8550p_firmwareqcm8550wcn3988qcn9024snapdragon_460_mobile_platform_firmwareqca6574snapdragon_x75_5g_modem-rf_systemsxr2230p_firmwaresd675_firmwaresnapdragon_8cx_compute_platformqca6430_firmwaresnapdragon_870_5g_mobile_platformqcn9011qamsrv1hsdx57mqcn9024_firmwaresnapdragon_8cx_gen_3_compute_platformwsa8845hwcd9326qcm2290_firmwaresa8155p_firmwareqca6564asa8155pwsa8830snapdragon_675_mobile_platformsnapdragon_wear_1300_platformsnapdragon_662_mobile_platformsm8550psa6145psnapdragon_8\+_gen_1_mobile_platform_firmwarevision_intelligence_400_platform_firmwaresnapdragon_765_5g_mobile_platformsa8255p_firmwareflight_rb5_5g_platform_firmwaresnapdragon_665_mobile_platformar8035sa6155qrb5165m_firmwaresa8650p_firmwaresnapdragon_678_mobile_platform_firmwareqcm4325robotics_rb5_platformqcn6224qca6698aqwcn3950_firmwaressg2125p_firmwareqrb5165nsnapdragon_8c_compute_platform_firmwaresnapdragon_8_gen_1_mobile_platformfastconnect_6200sd670sm7325p_firmwaresd460wcd9360_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_888\+_5g_mobile_platformqdx1011smart_audio_400_platformsnapdragon_855\+\/860_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwaresnapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250snapdragon_750g_5g_mobile_platformfastconnect_6200_firmwarear8031_firmwarewsa8830_firmwareqcn6224_firmwareqca6431snapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832sdx57m_firmwaresxr2130_firmwaresnapdragon_675_mobile_platform_firmwarear8035_firmwareqrb5165msnapdragon_888_5g_mobile_platformsc8380xpsnapdragon_w5\+_gen_1_wearable_platform_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwarewcd9306qca6564auwsa8815_firmwareqca8337_firmwareqcm4290snapdragon_680_4g_mobile_platformar8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_8c_compute_platformsm7250p_firmwarewcn3999sm4125qcm4490_firmwaresnapdragon_855_mobile_platformqru1032robotics_rb3_platform_firmwarewcn3950flight_rb5_5g_platformsnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platformqca4004_firmwaresa8295p_firmwaresd_675_firmwareqca9984sm7250psa8155sd_8cx_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwaresd888qcn9011_firmwareqru1062_firmwaresd460_firmwaresnapdragon_4_gen_2_mobile_platformsw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwarewcn6740sc8380xp_firmwareqru1062qca6310_firmwarefastconnect_6800qfw7114_firmwareqcs7230snapdragon_685_4g_mobile_platform_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwaresnapdragon_4_gen_1_mobile_platformsa8150pvision_intelligence_300_platform_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwaresnapdragon_x24_lte_modemsnapdragon_auto_5g_modem-rf_firmwaresxr1230psnapdragon_865\+_5g_mobile_platformsd662_firmwaresw5100video_collaboration_vc3_platformaqt1000wcd9306_firmwaresnapdragon_865_5g_mobile_platform_firmwareqam8295p_firmwaresd855qca6431_firmwarewcn3990_firmware9205_lte_modem_firmwaresm7315qca6698aq_firmwareqcs2290qca6564a_firmwareqcn7606wcd9385qcs2290_firmwareqsm8350wcn3999_firmwaresd662snapdragon_678_mobile_platformsa8255pqcs7230_firmwareqcs4290sxr1230p_firmwarewcd9390_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformqca6430sg8275psdx55_firmwareqdx1011_firmwaresnapdragon_auto_5g_modem-rfssg2125pqru1052sxr2130qcm4490csra6640_firmwaresnapdragon_xr2\+_gen_1_platformqca6174a_firmwaresm7325pqam8650p_firmwarevideo_collaboration_vc5_platformsnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqcn6274snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwaresnapdragon_480_5g_mobile_platform_firmwareqfw7124qdu1010_firmwareqca6595au_firmwaresw5100p_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_782g_mobile_platformqca6696_firmwareqcs4290_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwareqca6574_firmwarecsra6620qca8081wsa8815sg4150psd_8_gen1_5gqam8775pqca9377qca6797aqqcm4325_firmwarevision_intelligence_400_platformqca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_480\+_5g_mobile_platformsd675sd_8_gen1_5g_firmwarewcd9375_firmwareqca6391snapdragon_x70_modem-rf_systemsnapdragon_778g_5g_mobile_platform_firmwaresmart_audio_400_platform_firmwareqcn9012_firmwaresg4150p_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwaresnapdragon_670_mobile_platformcsra6620_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295probotics_rb5_platform_firmwareqcs8550snapdragon_x50_5g_modem-rf_system_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375wcn3988_firmwareqamsrv1h_firmwaresd_675snapdragon_888\+_5g_mobile_platform_firmwaresd_8cxwsa8835_firmwaressg2115p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwareqdx1010Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-25506
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.22%
||
7 Day CHG~0.00%
Published-22 Apr, 2023 | 02:30
Updated-04 Feb, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.

Action-Not Available
Vendor-NVIDIA Corporation
Product-sbiosdgx-1NVIDIA DGX servers
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-3906
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.94%
||
7 Day CHG~0.00%
Published-21 Sep, 2018 | 15:00
Updated-16 Sep, 2024 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-Samsung
Product-sth-eth-250sth-eth-250_firmwareSmartThings Hub STH-ETH-250
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4422
Matching Score-4
Assigner-Insyde Software
ShareView Details
Matching Score-4
Assigner-Insyde Software
CVSS Score-8.2||HIGH
EPSS-0.02% / 2.19%
||
7 Day CHG~0.00%
Published-30 Jul, 2025 | 00:40
Updated-14 Aug, 2025 | 05:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EfiSmiServices : EfiPcdProtocol, SMM memory corruption vulnerabilities in SMM module

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability.  https://support.lenovo.com/us/en/product_security/home

Action-Not Available
Vendor-Insyde Software
Product-InsydeH2O
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20869
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-8.2||HIGH
EPSS-2.26% / 83.95%
||
7 Day CHG~0.00%
Published-25 Apr, 2023 | 00:00
Updated-04 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-workstationfusionVMware Workstation Pro / Player (Workstation) and VMware Fusion
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21499
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.2||HIGH
EPSS-0.03% / 6.40%
||
7 Day CHG~0.00%
Published-04 May, 2023 | 00:00
Updated-12 Feb, 2025 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-androidSamsung Mobile Devices
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47368
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.7||MEDIUM
EPSS-0.01% / 1.90%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:28
Updated-26 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47364
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.7||MEDIUM
EPSS-0.01% / 1.46%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:27
Updated-26 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47369
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.7||MEDIUM
EPSS-0.01% / 1.90%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:28
Updated-26 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36337
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.11% / 30.16%
||
7 Day CHG~0.00%
Published-23 Nov, 2022 | 00:00
Updated-25 Apr, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code.

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-kerneln/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4421
Matching Score-4
Assigner-Insyde Software
ShareView Details
Matching Score-4
Assigner-Insyde Software
CVSS Score-8.2||HIGH
EPSS-0.02% / 2.19%
||
7 Day CHG~0.00%
Published-30 Jul, 2025 | 00:39
Updated-14 Aug, 2025 | 05:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability.  https://support.lenovo.com/us/en/product_security/home

Action-Not Available
Vendor-Insyde Software
Product-InsydeH2O
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33218
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.04% / 9.76%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive

Memory corruption in Automotive due to improper input validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareapq8064au_firmwareqca6595qca6564ausa8155_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwareqca6595au_firmwaresa6155sa6155psa8540psa8295p_firmwareqca6574asa6145pqca6584au_firmwareapq8096auqca6696_firmwareqca6595_firmwaresa8145pqca6696qam8295psa9000papq8064ausa8150psa6150papq8096au_firmwaresa8155pqam8295p_firmwaresa8155qca6574a_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca6595ausa6155_firmwareqca6564asa8295pSnapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23085
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 32.55%
||
7 Day CHG~0.00%
Published-15 Feb, 2024 | 04:52
Updated-13 Feb, 2025 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential jail escape vulnerabilities in netmap

A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.

Action-Not Available
Vendor-FreeBSD Foundation
Product-freebsdFreeBSDfreebsd
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11806
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 17.12%
||
7 Day CHG~0.00%
Published-13 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

Action-Not Available
Vendor-n/aQEMUCanonical Ltd.Debian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxvirtualizationdebian_linuxenterprise_linux_server_ausenterprise_linux_workstationqemuopenstackenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusenterprise_linux_desktopn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-31705
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-8.2||HIGH
EPSS-1.27% / 78.62%
||
7 Day CHG~0.00%
Published-14 Dec, 2022 | 00:00
Updated-18 Apr, 2025 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.

Action-Not Available
Vendor-n/aApple Inc.VMware (Broadcom Inc.)
Product-fusionesxiworkstationmac_os_xVMware ESXi, VMware Workstation Pro / Player, VMware Fusion Pro / Fusion (Fusion), VMware Cloud Foundation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30771
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 14.74%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-30 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in: Kernel 5.1: Version 05.17.25 Kernel 5.2: Version 05.27.25 Kernel 5.3: Version 05.36.25 Kernel 5.4: Version 05.44.25 Kernel 5.5: Version 05.52.25 https://www.insyde.com/security-pledge/SA-2022064

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-2908
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.2||HIGH
EPSS-0.15% / 36.75%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:29
Updated-27 Sep, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2022-40262
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-8.2||HIGH
EPSS-0.01% / 1.63%
||
7 Day CHG~0.00%
Published-20 Sep, 2022 | 17:35
Updated-27 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The arbitrary write vulnerability in S3Resume2Pei leads to arbitrary code execution during PEI phase.

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: S3Resume2Pei SHA256: 7bb29f05534a8a1e010443213451425098faebd45948a4642db969b19d0253fc Module GUID: 89E549B0-7CFE-449D-9BA3-10D8B2312D71

Action-Not Available
Vendor-AMIIntel Corporation
Product-server_board_m10jnp2sbserver_board_m10jnp2sb_firmwareaptio_vAptio
CWE ID-CWE-123
Write-what-where Condition
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30772
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 14.74%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-30 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrite SMRAM or OS kernel memory. This issue was discovered by Insyde engineering during a security review. This issue is fixed in: Kernel 5.0: 05.09.41 Kernel 5.1: 05.17.43 Kernel 5.2: 05.27.30 Kernel 5.3: 05.36.30 Kernel 5.4: 05.44.30 Kernel 5.5: 05.52.30 https://www.insyde.com/security-pledge/SA-2022065

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-35895
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.09% / 25.64%
||
7 Day CHG~0.00%
Published-21 Sep, 2022 | 20:36
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution.

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-insydeh2on/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-28200
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 18.32%
||
7 Day CHG~0.00%
Published-02 Jul, 2022 | 00:20
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components.

Action-Not Available
Vendor-NVIDIA Corporation
Product-dgx_a100_firmwaredgx_a100NVIDIA DGX A100
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found