CVSS: 3.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38304
https://notcve.org/view.php?id=CVE-2024-38304
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38303
https://notcve.org/view.php?id=CVE-2024-38303
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-0171
https://notcve.org/view.php?id=CVE-2024-0171
Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources. • https://www.dell.com/support/kbdoc/en-us/000226253/dsa-2024-039-security-update-for-dell-amd-based-poweredge-server-vulnerability • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.9EPSS: 0%CPEs: 14EXPL: 0CVE-2024-0172
https://notcve.org/view.php?id=CVE-2024-0172
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation. El BIOS del servidor Dell PowerEdge y el BIOS del rack Dell Precision contienen una vulnerabilidad de seguridad de administración de privilegios inadecuada. Un atacante local no autenticado podría explotar esta vulnerabilidad, lo que provocaría una escalada de privilegios. • https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability • CWE-269: Improper Privilege Management •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-25942
https://notcve.org/view.php?id=CVE-2024-25942
Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM. El BIOS del servidor Dell PowerEdge contiene una vulnerabilidad de verificación del búfer de comunicación SMM incorrecta. Un atacante físico con altos privilegios podría explotar esta vulnerabilidad y provocar escrituras arbitrarias en SMRAM. • https://www.dell.com/support/kbdoc/en-us/000223210/dsa-2024-104-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability • CWE-20: Improper Input Validation •