CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0CVE-2024-0161
https://notcve.org/view.php?id=CVE-2024-0161
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM. Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contienen una vulnerabilidad de verificación del búfer de comunicación SMM incorrecta. Un atacante local con pocos privilegios podría explotar esta vulnerabilidad y provocar escrituras arbitrarias en SMRAM. • https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25951
https://notcve.org/view.php?id=CVE-2024-25951
A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system. Existe una vulnerabilidad de inyección de comandos en RACADM local. Un usuario autenticado malintencionado podría obtener el control del sistema operativo subyacente. • https://www.dell.com/support/kbdoc/en-us/000222591/dsa-2024-089-security-update-for-dell-idrac8-local-racadm-vulnerability • CWE-1288: Improper Validation of Consistency within Input •
CVSS: 3.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-24901
https://notcve.org/view.php?id=CVE-2024-24901
Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period. • https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities • CWE-778: Insufficient Logging •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22463
https://notcve.org/view.php?id=CVE-2024-22463
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information • https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22452
https://notcve.org/view.php?id=CVE-2024-22452
Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation. • https://www.dell.com/support/kbdoc/en-us/000221414/dsa-2024-056 • CWE-264: Permissions, Privileges, and Access Controls •