CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2020-29491
https://notcve.org/view.php?id=CVE-2020-29491
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the sensitive information on the local network, leading to the potential compromise of impacted thin clients. Dell Wyse ThinOS versiones 8.6 y anteriores, contienen una vulnerabilidad de configuración predeterminada no segura. Un atacante remoto no autenticado podría potencialmente explotar esta vulnerabilidad para obtener acceso a la información confidencial en la red local, conllevando a un potencial compromiso de los clientes ligeros afectados. • https://www.dell.com/support/kbdoc/en-us/000180768/dsa-2020-281 • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2020-5360
https://notcve.org/view.php?id=CVE-2020-5360
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems. Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5, son susceptibles a una Vulnerabilidad de Lectura Insuficiente del Búfer. Un atacante remoto no autenticado podría explotar esta vulnerabilidad resultando en un comportamiento indefinido o un bloqueo de los sistemas afectados • https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities https://www.oracle.com/security-alerts/cpuApr2021.html • CWE-125: Out-of-bounds Read CWE-127: Buffer Under-read •
CVSS: 5.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-5359
https://notcve.org/view.php?id=CVE-2020-5359
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to modify and corrupt the encrypted data. Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5, son susceptibles a una Vulnerabilidad de Valor de Retorno No Comprobado. Un atacante remoto no autenticado podría potencialmente explotar esta vulnerabilidad para modificar y corromper los datos cifrados • https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities https://www.oracle.com/security-alerts/cpuApr2021.html • CWE-252: Unchecked Return Value CWE-544: Missing Standardized Error Handling Mechanism •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26198
https://notcve.org/view.php?id=CVE-2020-26198
Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a reflected cross-site scripting vulnerability in the iDRAC9 web application. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link. Dell EMC iDRAC9 versiones anteriores a 4.32.10.00 y 4.40.00.00, contienen una vulnerabilidad de tipo cross-site scripting reflejada en la aplicación web de iDRAC9. Un atacante remoto podría potencialmente explotar esta vulnerabilidad para ejecutar HTML o JavaScript maliciosos en el navegador de una víctima engañándola para que siga un enlace especialmente diseñado • https://www.dell.com/support/kbdoc/en-us/000181088/dsa-2020-268-dell-emc-idrac9-reflected-xss-vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5388
https://notcve.org/view.php?id=CVE-2020-5388
Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an Improper SMM communication buffer verification vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. Dell Inspiron 15 7579 2-en-1 BIOS versiones anteriores a 1.31.0, contienen una vulnerabilidad de verificación de búfer de comunicación SMM Inapropiada. Un usuario malicioso autenticado local podría potencialmente explotar esta vulnerabilidad mediante el uso de una SMI para obtener una ejecución de código arbitraria en SMRAM • https://www.dell.com/support/article/en-us/sln322869/dsa-2020-215-dell-inspiron-15-7579-2-in-1-improper-smm-communication-buffer-boundary-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •