Dell : Security Vulnerabilities, CVEs, (Overflow)
Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which triggers a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
39.51%
Published
2015-05-29
Updated
2016-12-06
Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the webserver or execute arbitrary code on the system with privileges of the webserver by sending specially crafted input data to the affected system.
Max CVSS
10.0
EPSS Score
0.97%
Published
2019-04-26
Updated
2020-10-16
Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.
Max CVSS
10.0
EPSS Score
0.72%
Published
2020-03-31
Updated
2020-04-03
Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo.
Max CVSS
9.8
EPSS Score
0.52%
Published
2017-04-10
Updated
2017-04-14
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input.
Max CVSS
9.8
EPSS Score
0.42%
Published
2017-04-10
Updated
2017-04-14
Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in PPOE. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input dat
Max CVSS
9.8
EPSS Score
0.21%
Published
2023-12-04
Updated
2023-12-07
iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system.
Max CVSS
9.0
EPSS Score
0.27%
Published
2022-01-25
Updated
2022-01-31
Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10 contain a buffer overflow vulnerability. An unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on the system with privileges of the FTP client by sending specially crafted input data to the affected system. The FTP code that contained the vulnerability has been removed.
Max CVSS
8.8
EPSS Score
0.11%
Published
2019-03-07
Updated
2019-10-09
Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-02-01
Updated
2023-02-09
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
Max CVSS
8.2
EPSS Score
0.04%
Published
2022-03-11
Updated
2023-06-30
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
Max CVSS
8.2
EPSS Score
0.04%
Published
2022-03-11
Updated
2023-06-30
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
Max CVSS
8.2
EPSS Score
0.04%
Published
2022-03-11
Updated
2023-06-30
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
Max CVSS
8.2
EPSS Score
0.04%
Published
2022-03-11
Updated
2023-06-30
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
Max CVSS
8.2
EPSS Score
0.04%
Published
2022-03-11
Updated
2023-06-30
Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348.
Max CVSS
7.8
EPSS Score
0.24%
Published
2016-04-06
Updated
2016-12-03
Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.
Max CVSS
7.8
EPSS Score
0.06%
Published
2022-09-06
Updated
2022-09-13
Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-09-12
Updated
2022-09-15
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-12
Updated
2022-10-14
Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
Max CVSS
7.8
EPSS Score
0.05%
Published
2022-10-12
Updated
2022-10-14
Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-12
Updated
2022-10-13
Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value.
Max CVSS
7.6
EPSS Score
0.06%
Published
2013-08-28
Updated
2013-10-07
Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.
Max CVSS
7.5
EPSS Score
1.00%
Published
2012-06-19
Updated
2012-06-20
Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some packet data in the MDM service. As a result, a remote attacker could potentially send specifically crafted packet data to the MDM service causing it to crash.
Max CVSS
7.5
EPSS Score
0.28%
Published
2018-03-27
Updated
2018-04-24
In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to 9.1.1.6, 9.0.x, and versions prior to 8.2.4.11, the 'nsrd' daemon causes a buffer overflow condition when handling certain messages. A remote unauthenticated attacker could potentially exploit this vulnerability to cause a denial of service to the users of NetWorker systems.
Max CVSS
7.5
EPSS Score
0.69%
Published
2018-03-19
Updated
2018-04-19
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.
Max CVSS
7.5
EPSS Score
1.13%
Published
2018-08-31
Updated
2022-04-18