CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-0163
https://notcve.org/view.php?id=CVE-2024-0163
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources. Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contienen una vulnerabilidad de condición de ejecución TOCTOU. Un atacante local con pocos privilegios podría explotar esta vulnerabilidad para obtener acceso a recursos que de otro modo no estarían autorizados. • https://www.dell.com/support/kbdoc/en-us/000222756/dsa-2024-003-security-update-for-dell-poweredge-server-bios-for-a-time-of-check-time-of-use-toctou-vulnerability • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-0162
https://notcve.org/view.php?id=CVE-2024-0162
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM. Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contienen una vulnerabilidad de verificación del búfer de comunicación SMM incorrecta. Un atacante local con pocos privilegios podría explotar esta vulnerabilidad, lo que provocaría lecturas/escrituras fuera de los límites en SMRAM. • https://www.dell.com/support/kbdoc/en-us/000222812/dsa-2024-004-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0CVE-2024-0161
https://notcve.org/view.php?id=CVE-2024-0161
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM. Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contienen una vulnerabilidad de verificación del búfer de comunicación SMM incorrecta. Un atacante local con pocos privilegios podría explotar esta vulnerabilidad y provocar escrituras arbitrarias en SMRAM. • https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25951
https://notcve.org/view.php?id=CVE-2024-25951
A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system. Existe una vulnerabilidad de inyección de comandos en RACADM local. Un usuario autenticado malintencionado podría obtener el control del sistema operativo subyacente. • https://www.dell.com/support/kbdoc/en-us/000222591/dsa-2024-089-security-update-for-dell-idrac8-local-racadm-vulnerability • CWE-1288: Improper Validation of Consistency within Input •
CVSS: 3.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-24901
https://notcve.org/view.php?id=CVE-2024-24901
Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period. • https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities • CWE-778: Insufficient Logging •