cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-47238,https://securityvulnerability.io/vulnerability/CVE-2024-47238,Dell BIOS vulnerability allows arbitrary code execution with high privilege,"The Dell Client Platform BIOS is affected by an input validation vulnerability in an externally developed component. This flaw may allow a highly privileged attacker with local access to exploit the vulnerability, potentially leading to arbitrary code execution on the affected system. Addressing this issue is vital for maintaining the integrity and security of the system's BIOS, as improper input handling could facilitate unauthorized actions and compromise sensitive data.",Dell,Dell Client Platform BiOS,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-12T17:38:19.407Z,0
CVE-2024-42425,https://securityvulnerability.io/vulnerability/CVE-2024-42425,Dell Precision Rack Faces Memory Access Vulnerability,"Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",Dell,Dell Precision Rack BiOS,5.5,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-09-10T08:17:04.690Z,0
CVE-2024-42424,https://securityvulnerability.io/vulnerability/CVE-2024-42424,Dell Precision Rack Vulnerability Could Lead to Information Disclosure,"Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",Dell,Dell Precision Rack BiOS,6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-10T08:05:43.080Z,0
CVE-2024-39584,https://securityvulnerability.io/vulnerability/CVE-2024-39584,Dell BIOS Vulnerability Allows High-Privilege Attackers to bypass Secure Boot and Execute Arbitrary Code,"The Dell Client Platform BIOS is vulnerable due to the use of a default cryptographic key, which can be exploited by high privileged attackers with local access. This vulnerability may allow for a bypass of Secure Boot mechanisms, potentially leading to arbitrary code execution. As a result, attackers could jeopardize system integrity, execute unauthorized commands, or further compromise the device's security. Organizations using affected Dell devices should evaluate their risk exposure and ensure they take necessary actions to mitigate this vulnerability.",Dell,Dell Client Platform BiOS,8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-28T05:46:40.013Z,0
CVE-2024-38483,https://securityvulnerability.io/vulnerability/CVE-2024-38483,Dell BIOS Vulnerability Could Lead to Code Execution,"Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.",Dell,Dell Client Platform BiOS,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-14T09:24:10.775Z,0
CVE-2023-32467,https://securityvulnerability.io/vulnerability/CVE-2023-32467,Dell Edge Gateway BIOS Vulnerability Could Lead to Arbitrary Code Execution,"A local authenticated malicious user with elevated privileges may exploit an out-of-bounds write vulnerability present in the BIOS of the Dell Edge Gateway 3200 and 5200 models. This exploitation could lead to unintended exposure of UEFI code, potentially allowing the attacker to execute arbitrary code or escalate privileges on the affected systems. Such scenarios pose significant security risks to the integrity and confidentiality of the systems utilizing this affected BIOS version.",Dell,Powerswitch Z9664f-on BiOS,8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-10T02:39:47.352Z,0
CVE-2023-32472,https://securityvulnerability.io/vulnerability/CVE-2023-32472,Dell Edge Gateway BIOS Vulnerability,"The Dell Edge Gateway BIOS for models 3200 and 5200 has a vulnerability that allows an authenticated local user with elevated privileges to exploit an out-of-bounds write condition. This could result in unintended exposure of sensitive code residing in the System Management Mode, which may lead to arbitrary code execution or the potential escalation of privileges within the affected system. It's essential for users of the affected products to apply the necessary security updates to mitigate these risks.",Dell,Powerswitch Z9664f-on BiOS,8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-10T02:32:00.277Z,0
CVE-2024-0158,https://securityvulnerability.io/vulnerability/CVE-2024-0158,Dell BIOS Vulnerability Could Lead to Denial of Service and Escalation of Privileges,"Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges",Dell,Cpg BiOS,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-02T06:20:44.735Z,0
CVE-2024-32855,https://securityvulnerability.io/vulnerability/CVE-2024-32855,Dell BIOS Vulnerability Could Lead to Information Tampering,"Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.",Dell,Cpg BiOS,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-25T04:06:39.172Z,0
CVE-2024-32860,https://securityvulnerability.io/vulnerability/CVE-2024-32860,Dell BIOS Vulnerability Could Lead to Code Execution,"The Dell Client Platform BIOS has been identified with an improperly validated input vulnerability within an externally developed component. This flaw permits a high privileged attacker who has local access to the system to potentially exploit the vulnerability, leading to arbitrary code execution. It is critical for users of affected Dell Client Platform BIOS versions to assess their security measures and apply any available patches or mitigations to protect against potential exploitation.",Dell,Cpg BiOS,8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-13T13:00:19.384Z,0
CVE-2024-32858,https://securityvulnerability.io/vulnerability/CVE-2024-32858,Dell BIOS Vulnerability Could Lead to Code Execution,"The Dell Client Platform BIOS contains an Improper Input Validation vulnerability which resides in an externally developed component. This vulnerability can be exploited by a high privileged local attacker, potentially leading to unauthorized code execution on the affected system. It is crucial for organizations to review the affected versions of the BIOS and apply the recommended remediation measures to mitigate the risk associated with this weakness. For detailed information, please refer to the vendor advisory.",Dell,Cpg BiOS,8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-13T12:48:29.724Z,0
CVE-2024-32859,https://securityvulnerability.io/vulnerability/CVE-2024-32859,Dell BIOS Vulnerability Could Lead to Code Execution,"A vulnerability exists in the Dell Client Platform BIOS due to improper input validation in an externally developed component. This flaw may allow a high-privileged attacker with local access to exploit the vulnerability, potentially leading to arbitrary code execution. Users of affected systems are advised to apply security patches provided by Dell to mitigate the risks associated with this vulnerability.",Dell,Cpg BiOS,8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-13T12:39:41.863Z,0
CVE-2024-32856,https://securityvulnerability.io/vulnerability/CVE-2024-32856,Dell BIOS Vulnerability Could Lead to Information Disclosure,"Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",Dell,Cpg BiOS,6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-13T11:51:03.183Z,0
CVE-2024-28970,https://securityvulnerability.io/vulnerability/CVE-2024-28970,Dell Client BIOS Vulnerability Could Lead to Platform Denial of Service,"Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service.",Dell,Cpg BiOS,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-12T06:51:49.004Z,0
CVE-2024-0160,https://securityvulnerability.io/vulnerability/CVE-2024-0160,BIOS Authorization Vulnerability Affects Dell Client Platform,Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS.,Dell,Cpg BiOS,6.8,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-06-12T06:41:33.041Z,0
CVE-2023-32475,https://securityvulnerability.io/vulnerability/CVE-2023-32475,BIOS Vulnerability Allows Arbitrary Code Execution with Physical Access,"Dell BIOS has a vulnerability due to the absence of support for integrity checks, which allows an attacker with physical access to the system to bypass existing security mechanisms. This vulnerability could potentially enable the execution of arbitrary code on the affected system, posing significant risks to data integrity and system security.",Dell,Cpg BiOS,7.6,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-06-07T02:13:17.515Z,0
CVE-2024-22429,https://securityvulnerability.io/vulnerability/CVE-2024-22429,Dell BIOS Vulnerability Could Lead to Arbitrary Code Execution,"The BIOS firmware provided by Dell is affected by an improper input validation vulnerability. This issue allows a local, authenticated attacker who possesses admin privileges to exploit the vulnerability, which may lead to arbitrary code execution. Such exploitation can pose significant risks to the integrity and availability of the system, allowing attackers to potentially manipulate the environment beyond intended security measures. Users are advised to review their BIOS versions and apply appropriate patches or mitigations provided by Dell.",Dell,Cpg BiOS,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-17T16:15:00.000Z,0
CVE-2024-22448,https://securityvulnerability.io/vulnerability/CVE-2024-22448,Dell BIOS Vulnerability Could Lead to Denial of Service,"Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.",Dell,Cpg BiOS,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-10T07:30:08.507Z,0
CVE-2024-0163,https://securityvulnerability.io/vulnerability/CVE-2024-0163,Dell PowerEdge Server BIOS Race Condition Vulnerability Could Lead to Unauthorized Access,Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources.,Dell,Poweredge BiOS Intel 16g,6.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-13T16:28:00.444Z,0
CVE-2024-0162,https://securityvulnerability.io/vulnerability/CVE-2024-0162,Dell PowerEdge Server BIOS Vulnerability: Out-of-Bound SMRAM Access,"Dell PowerEdge Server and Precision Rack BIOS are susceptible to a vulnerability involving improper verification of System Management Mode (SMM) communication buffers. This issue allows a local low privileged attacker to potentially exploit the vulnerability, leading to unauthorized out-of-bound read and write operations to System Management RAM (SMRAM). The exploitation of this vulnerability could compromise system integrity, making it a critical concern for users managing these servers.",Dell,Poweredge BiOS Intel 16g,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-13T16:18:23.730Z,0
CVE-2023-48674,https://securityvulnerability.io/vulnerability/CVE-2023-48674,Dell Platform BIOS Vulnerable to Improper Null Termination Attack,Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function.,Dell,Cpg Bios,4.9,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-03-01T12:35:56.866Z,0
CVE-2023-28063,https://securityvulnerability.io/vulnerability/CVE-2023-28063,Dell BIOS Vulnerability Could Lead to Denial of Service,"A vulnerability exists in Dell BIOS due to a signed to unsigned conversion error. This flaw allows a local authenticated user with administrative privileges to exploit the vulnerability, which could lead to a denial of service condition. Such an exploit can compromise the security and reliability of affected systems, requiring urgent attention for mitigation.",Dell,Cpg BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-06T07:38:54.321Z,0
CVE-2023-39251,https://securityvulnerability.io/vulnerability/CVE-2023-39251,Improper Input Validation in Dell BIOS Software,"Dell BIOS has a vulnerability characterized by improper input validation. A local user with elevated privileges could leverage this flaw to manipulate memory, potentially leading to system instability or unauthorized access. This vulnerability emphasizes the importance of ensuring firmware security and timely updates to mitigate risks.",Dell,CPG BIOS,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-12-22T18:15:00.000Z,0
CVE-2023-43088,https://securityvulnerability.io/vulnerability/CVE-2023-43088,Pre-Boot Direct Memory Access Vulnerability in Dell Client BIOS,"The Dell Client BIOS contains a vulnerability that allows for direct memory access (DMA) during the pre-boot phase. This vulnerability can potentially be exploited by an authenticated attacker with physical access to the system, which may lead to arbitrary code execution on the affected device. It highlights significant security risks, especially in environments where physical access controls may be lax.",Dell,CPG BIOS,7.2,HIGH,0.0005499999970197678,false,,false,false,false,,,false,false,,2023-12-22T18:15:00.000Z,0
CVE-2023-44297,https://securityvulnerability.io/vulnerability/CVE-2023-44297,Debug Code Security Vulnerability in Dell PowerEdge and Precision BIOS,"A security flaw in Dell PowerEdge platforms and Precision BIOS versions exposes systems to risk. Unauthenticated physical attackers may exploit active debug code to gain unauthorized access, leading to potential information disclosure, tampering, or even code execution. The vulnerability highlights the importance of securing physical access to server hardware to prevent malicious actions.",Dell,PowerEdge BIOS,7.1,HIGH,0.0005499999970197678,false,,false,false,false,,,false,false,,2023-12-05T16:15:00.000Z,0