CVSS: 6.7EPSS: 0%CPEs: 582EXPL: 0CVE-2023-28063
https://notcve.org/view.php?id=CVE-2023-28063
06 Feb 2024 — Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. El BIOS de Dell contiene una vulnerabilidad de error de conversión de firmado a no firmado. Un usuario malintencionado local autenticado con privilegios de administrador podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000214780/dsa-2023-176-dell-client-bios-security-update-for-a-signed-to-unsigned-conversion-error-vulnerability • CWE-195: Signed to Unsigned Conversion Error CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2023-39251
https://notcve.org/view.php?id=CVE-2023-39251
22 Dec 2023 — Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system. Dell BIOS contiene una vulnerabilidad de validación de entrada incorrecta. Un usuario malicioso local con altos privilegios podría explotar esta vulnerabilidad para dañar la memoria del sistema. • https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342 • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 222EXPL: 0CVE-2023-32453
https://notcve.org/view.php?id=CVE-2023-32453
16 Aug 2023 — Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator. • https://www.dell.com/support/kbdoc/en-us/000215217/dsa-2023-190-dell-client-bios • CWE-287: Improper Authentication •
CVSS: 6.9EPSS: 0%CPEs: 490EXPL: 0CVE-2023-28075
https://notcve.org/view.php?id=CVE-2023-28075
16 Aug 2023 — Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/en-us/000212817/dsa-2023-152-security-update-for-a-dell-client-bios-vulnerability • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 4.9EPSS: 0%CPEs: 140EXPL: 0CVE-2023-28064
https://notcve.org/view.php?id=CVE-2023-28064
23 Jun 2023 — Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. • https://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 876EXPL: 0CVE-2023-28058
https://notcve.org/view.php?id=CVE-2023-28058
23 Jun 2023 — Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 876EXPL: 0CVE-2023-28050
https://notcve.org/view.php?id=CVE-2023-28050
23 Jun 2023 — Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 876EXPL: 0CVE-2023-28026
https://notcve.org/view.php?id=CVE-2023-28026
23 Jun 2023 — Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 876EXPL: 0CVE-2023-28044
https://notcve.org/view.php?id=CVE-2023-28044
23 Jun 2023 — Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 876EXPL: 0CVE-2023-28060
https://notcve.org/view.php?id=CVE-2023-28060
23 Jun 2023 — Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •