optiplex_7090_tower_firmware

dell / precision_7510_firmware+414

Published Feb 19, 2025

CVE-2021-36342

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_m15_r6_firmware+82

Published Jan 24, 2022

CVE-2022-34403

HIGH7.5

Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.

dell / precision_5820_tower_firmware+414

Published Feb 1, 2023

CVE-2021-36343

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Published Jan 24, 2022

CVE-2021-21574

HIGH7.2

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

CVE-2021-21573

HIGH7.2

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

CVE-2021-21572

HIGH7.2

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

dell / alienware_m15_r6_firmware+82

CVE-2022-34400

HIGH7.1

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.

dell / latitude_3140_2in1_firmware+260

Published Feb 1, 2023

CVE-2025-29988

MEDIUM6.9

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

dell / precision_3430_tower_firmware+173

Published Apr 9, 2025

CVE-2023-48674

MEDIUM6.8

Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function.

Network

Published Mar 1, 2024

CVE-2023-43078

MEDIUM6.7

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service.

dell / intel_thunderbolt_controller_firmware_update_utility+367

Published Aug 28, 2024

CVE-2021-21571

MEDIUM5.9

Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and payload tampering.

Network

dell / alienware_m15_r6_firmware+387

CVE-2024-0158

MEDIUM5.1

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges

dell / alienware_m15_r6_firmware+267

Published Jul 2, 2024

CVE-2024-22448

MEDIUM4.7

Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.