CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39578
https://notcve.org/view.php?id=CVE-2024-39578
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering. • https://www.dell.com/support/kbdoc/en-us/000228207/dsa-2024-346-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 3.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38304
https://notcve.org/view.php?id=CVE-2024-38304
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38303
https://notcve.org/view.php?id=CVE-2024-38303
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability • CWE-20: Improper Input Validation •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39584
https://notcve.org/view.php?id=CVE-2024-39584
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution. • https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354 • CWE-1392: Use of Default Credentials •
CVSS: 6.7EPSS: 0%CPEs: 84EXPL: 0CVE-2023-43078
https://notcve.org/view.php?id=CVE-2023-43078
Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service. • https://www.dell.com/support/kbdoc/en-us/000217981/dsa-2023-362-security-update-for-dell-dock-firmware-and-dell-client-platform-for-an-improper-link-resolution-vulnerability • CWE-59: Improper Link Resolution Before File Access ('Link Following') •