ByteOS

Matching Score-10

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.06% / 19.06%

||

7 Day CHG~0.00%

Published-02 Jul, 2024 | 07:18

Updated-02 Aug, 2024 | 03:50

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access.

Vendor-Dell Inc.

Product-powerscale_onefs PowerScale OneFS powerscale_onefs

CWE ID-CWE-269

Improper Privilege Management

CVE-2024-39574

Matching Score-10

Assigner-Dell

Matching Score-10

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.29%

||

7 Day CHG~0.00%

Published-10 Sep, 2024 | 09:01

Updated-16 Sep, 2024 | 15:59

Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

Vendor-Dell Inc.

Product-insightiq PowerScale InsightIQ powerscale_insightiq

CWE ID-CWE-269

Improper Privilege Management

CVE-2024-37126

Matching Score-10

Assigner-Dell

Matching Score-10

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.06% / 19.06%

||

7 Day CHG~0.00%

Published-02 Jul, 2024 | 07:28

Updated-02 Aug, 2024 | 03:50

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access.

Vendor-Dell Inc.

Product-powerscale_onefs PowerScale OneFS powerscale_onefs

CWE ID-CWE-269

Improper Privilege Management

CVE-2024-25961

Matching Score-10

Assigner-Dell

Matching Score-10

Assigner-Dell

CVSS Score-6||MEDIUM

EPSS-0.06% / 17.36%

||

7 Day CHG~0.00%

Published-28 Mar, 2024 | 18:00

Updated-09 Jan, 2025 | 16:48

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Vendor-Dell Inc.

CWE ID-CWE-269

Improper Privilege Management

CVE-2022-34438

Matching Score-10

Assigner-Dell

Matching Score-10

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.05% / 13.88%

||

7 Day CHG~0.00%

Published-21 Oct, 2022 | 18:05

Updated-07 May, 2025 | 16:15

Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters.

Vendor-Dell Inc.

CWE ID-CWE-269

Improper Privilege Management

CVE-2021-36293

Matching Score-10

Assigner-Dell

Matching Score-10

Assigner-Dell

CVSS Score-6.4||MEDIUM

EPSS-0.13% / 33.35%

||

7 Day CHG~0.00%

Published-08 Apr, 2022 | 19:50

Updated-17 Sep, 2024 | 01:10

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges.

Vendor-Dell Inc.

Product-vnxe1600 vnx5600 vnx5400 vnx5800 vnx_vg10 emc_unity_operating_environment vnx5200 vnx_vg50 vnx7600 vnx8000 VNX2

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE ID-CWE-269

Improper Privilege Management

CVE-2023-32490

Matching Score-10

Assigner-Dell

Matching Score-10

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.88%

||

7 Day CHG~0.00%

Published-16 Aug, 2023 | 13:40

Updated-08 Oct, 2024 | 19:05

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover.

Vendor-Dell Inc.

CWE ID-CWE-269

Improper Privilege Management

CVE-2021-36290

Matching Score-10

Assigner-Dell

Matching Score-10

Assigner-Dell

CVSS Score-6.4||MEDIUM

EPSS-0.11% / 30.42%

||

7 Day CHG~0.00%

Published-08 Apr, 2022 | 19:50

Updated-16 Sep, 2024 | 16:53

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges.

Vendor-Dell Inc.

Product-vnxe1600 vnx5600 vnx5400 vnx5800 vnx_vg10 emc_unity_operating_environment vnx5200 vnx_vg50 vnx7600 vnx8000 VNX2

CWE ID-CWE-732

Incorrect Permission Assignment for Critical Resource

CWE ID-CWE-269

Improper Privilege Management

CVE-2024-39580

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 7.33%

||

7 Day CHG~0.00%

Published-10 Sep, 2024 | 08:54

Updated-16 Sep, 2024 | 15:40

Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Vendor-Dell Inc.

Product-insightiq PowerScale InsightIQ powerscale_insightiq

CWE ID-CWE-284

Improper Access Control

CVE-2022-24417

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.05% / 14.30%

||

7 Day CHG~0.00%

Published-26 May, 2022 | 15:20

Updated-16 Sep, 2024 | 20:27

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2024-39579

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 7.20%

||

7 Day CHG~0.00%

Published-31 Aug, 2024 | 07:40

Updated-03 Sep, 2024 | 20:57

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.

Vendor-Dell Inc.

Product-powerscale_onefs PowerScale OneFS powerscale_onefs

CWE ID-CWE-266

Incorrect Privilege Assignment

CVE-2024-38296

Matching Score-8

Assigner-Dell

Product-edge_gateway_5200 intel_management_engine_firmware_update_utility edge_gateway_3200 Edge Gateway 5200 edge_gateway_5200_firmware

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 5.78%

||

7 Day CHG~0.00%

Published-22 Nov, 2024 | 02:58

Updated-04 Feb, 2025 | 16:05

Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge Gateway 5200, versions prior to 12.0.94.2380, contain an Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.

Vendor-Dell Inc.

CWE ID-CWE-1421

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution

CVE-2022-24418

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.05% / 14.30%

||

7 Day CHG~0.00%

Published-26 May, 2022 | 15:20

Updated-17 Sep, 2024 | 02:27

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-23156

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6||MEDIUM

EPSS-0.04% / 11.59%

||

7 Day CHG~0.00%

Published-01 Apr, 2022 | 20:00

Updated-16 Sep, 2024 | 18:34

Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server.

Vendor-Dell Inc.

Product-wyse_device_agent Dell Wyse Device Agent

CWE ID-CWE-287

Improper Authentication

CVE-2022-22555

Matching Score-8

Assigner-Dell

Product-emc_powerstore_3200t emc_powerstore_500t emc_powerstore_9200t emc_powerstore_5200t_firmware emc_powerstore_1200t_firmware emc_powerstore_9200t_firmware emc_powerstore_500t_firmware emc_powerstore_3200t_firmware emc_powerstore_1200t emc_powerstore_5200t PowerStore

Matching Score-8

Assigner-Dell

CVSS Score-6||MEDIUM

EPSS-0.56% / 67.41%

||

7 Day CHG~0.00%

Published-20 Jul, 2022 | 20:55

Updated-16 Sep, 2024 | 19:47

Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.

Vendor-Dell Inc.

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2023-28029

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:12

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28042

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:22

Updated-08 Nov, 2024 | 16:50

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28044

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:20

Updated-07 Nov, 2024 | 21:09

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28059

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:16

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28036

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:01

Updated-08 Nov, 2024 | 14:08

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28027

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:04

Updated-08 Nov, 2024 | 14:08

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28040

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:48

Updated-08 Nov, 2024 | 14:07

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28034

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:08

Updated-07 Nov, 2024 | 21:47

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28041

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:25

Updated-08 Nov, 2024 | 16:32

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-28033

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:37

Updated-08 Nov, 2024 | 15:14

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-25940

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.05% / 13.42%

||

7 Day CHG~0.00%

Published-04 Apr, 2023 | 10:14

Updated-11 Feb, 2025 | 17:04

Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees.

Vendor-Dell Inc.

CWE ID-CWE-59

Improper Link Resolution Before File Access ('Link Following')

CVE-2023-25536

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 10.44%

||

7 Day CHG~0.00%

Published-02 Mar, 2023 | 15:55

Updated-05 Mar, 2025 | 20:58

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.

Vendor-Dell Inc.

CWE ID-CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE ID-CWE-668

Exposure of Resource to Wrong Sphere

CVE-2023-25938

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.20%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 10:13

Updated-07 Nov, 2024 | 21:31

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2024-38483

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.8||MEDIUM

EPSS-0.03% / 5.17%

||

7 Day CHG~0.00%

Published-14 Aug, 2024 | 09:24

Updated-18 Sep, 2024 | 19:19

Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-21550

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6||MEDIUM

EPSS-0.05% / 16.80%

||

7 Day CHG~0.00%

Published-06 May, 2021 | 12:40

Updated-16 Sep, 2024 | 20:01

Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability can allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges.

Vendor-Dell Inc.

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2023-25937

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 09:40

Updated-08 Nov, 2024 | 14:06

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-25936

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-5.1||MEDIUM

EPSS-0.02% / 3.04%

||

7 Day CHG~0.00%

Published-23 Jun, 2023 | 08:56

Updated-08 Nov, 2024 | 16:10

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-21526

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6||MEDIUM

EPSS-0.03% / 5.99%

||

7 Day CHG~0.00%

Published-20 Apr, 2021 | 16:45

Updated-17 Sep, 2024 | 00:06

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root.

Vendor-Dell Inc.

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2023-24571

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.82%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 09:55

Updated-26 Feb, 2025 | 18:59

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

Vendor-Dell Inc.

Product-embedded_box_pc_3000_firmware embedded_box_pc_3000 Embedded Box PC 3000 , CPG BIOS

CWE ID-CWE-20

Improper Input Validation

CVE-2024-37132

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 12.18%

||

7 Day CHG~0.00%

Published-02 Jul, 2024 | 07:14

Updated-02 Aug, 2024 | 03:50

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Elevation of privileges.

Vendor-Dell Inc.

Product-powerscale_onefs PowerScale OneFS powerscale_onefs

CWE ID-CWE-266

Incorrect Privilege Assignment

CVE-2024-37134

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.06% / 17.71%

||

7 Day CHG~0.00%

Published-02 Jul, 2024 | 07:24

Updated-02 Aug, 2024 | 03:50

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.

Vendor-Dell Inc.

Product-powerscale_onefs PowerScale OneFS powerscale_onefs

CWE ID-CWE-266

Incorrect Privilege Assignment

CVE-2021-21554

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.1||MEDIUM

EPSS-0.05% / 14.70%

||

7 Day CHG~0.00%

Published-14 Jun, 2021 | 19:10

Updated-16 Sep, 2024 | 16:42

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-46756

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-8.2||HIGH

EPSS-0.05% / 14.57%

||

7 Day CHG~0.00%

Published-01 Feb, 2023 | 05:37

Updated-27 Mar, 2025 | 13:25

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

Vendor-Dell Inc.

Product-vxrail_manager VxRail HCI

CWE ID-CWE-668

Exposure of Resource to Wrong Sphere

CVE-2022-45095

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.07% / 23.11%

||

7 Day CHG~0.00%

Published-01 Feb, 2023 | 04:45

Updated-27 Mar, 2025 | 13:24

Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.

Vendor-Dell Inc.

CWE ID-CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CVE-2024-25967

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.08% / 23.34%

||

7 Day CHG~0.00%

Published-14 May, 2024 | 06:44

Updated-09 Jan, 2025 | 15:51

Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary privileges vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Vendor-Dell Inc.

Product-powerscale_onefs PowerScale OneFS powerscale_onefs

CWE ID-CWE-250

Execution with Unnecessary Privileges

CVE-2016-8216

Matching Score-8

Assigner-Dell

Product-emc_data_domain_os EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.39% / 58.89%

||

7 Day CHG~0.00%

Published-03 Feb, 2017 | 07:24

Updated-20 Apr, 2025 | 01:37

EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10 has a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Vendor-n/a Dell Inc.

CVE-2024-22429

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.05% / 14.30%

||

7 Day CHG~0.00%

Published-17 May, 2024 | 15:20

Updated-30 Jan, 2025 | 15:48

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34454

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.07% / 20.83%

||

7 Day CHG~0.00%

Published-10 Feb, 2023 | 09:48

Updated-24 Mar, 2025 | 18:35

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters.

Vendor-Dell Inc.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-34414

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.45%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:37

Updated-26 Feb, 2025 | 15:48

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34434

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-6.7||MEDIUM

EPSS-0.05% / 16.45%

||

7 Day CHG~0.00%

Published-11 Oct, 2022 | 16:40

Updated-19 May, 2025 | 16:54

Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to the modification or deletion of tables that are required for many of the core functionalities of Cloud Mobility. Exploitation may lead to the compromise of integrity and availability of the normal functionality of the Cloud Mobility application.

Vendor-Dell Inc.

Product-cloud_mobility_for_dell_emc_storage Cloud Mobility for Dell Storage

CWE ID-CWE-285

Improper Authorization

CVE-2022-34416

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.45%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:48

Updated-26 Feb, 2025 | 15:34

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34413

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.45%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:35

Updated-26 Feb, 2025 | 15:56

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34420

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.45%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:55

Updated-26 Feb, 2025 | 15:28

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34407

Matching Score-8

Assigner-Dell

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.45%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:04

Updated-26 Feb, 2025 | 18:57

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34411

Matching Score-8

Assigner-Dell