Lucene search
K

36 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-22919

Malware in sbrugna...

8.1CVSS8.1AI score0.29633EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-37390

Malicious code in bioql PyPI...

4.9CVSS5.4AI score0.00513EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.17 views

Dell iDRAC9 Authentication Bypass (CVE-2019-3707)

Dell EMC iDRAC9 versions prior to 3.30.30.30 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted input data to the WS-MAN interface. This plugin only works...

10CVSS8.5AI score0.03308EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.15 views

Dell iDRAC9 Cross-site Scripting (CVE-2021-21541)

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a DOM-based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to DOM environment in the browser...

6.1CVSS6.3AI score0.00813EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.38 views

Dell iDRAC9 Authentication Bypass (CVE-2019-3706)

Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted data to the iDRAC we...

10CVSS8.4AI score0.03308EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.20 views

Dell iDRAC9 Cross-site Scripting (CVE-2021-21543)

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected parameters. Wh...

4.8CVSS5.3AI score0.00628EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.22 views

Dell iDRAC7 Incorrect Authorization (CVE-2018-15774)

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in th...

8.8CVSS6.6AI score0.00941EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.23 views

Dell iDRAC9 Time-of-check Time-of-use Race Condition (CVE-2021-21539)

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use TOCTOU race condition vulnerability. A remote authenticated attacker could potentially exploit this vulnerability to gain elevated privileges when a user with higher privileges is simultaneously accessing iDRAC throu...

7.1CVSS7AI score0.00616EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.18 views

Dell iDRAC9 Cross-site Scripting (CVE-2021-21542)

Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected while generati...

4.8CVSS5.3AI score0.00397EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.19 views

Dell iDRAC9 Improper Authentication (CVE-2021-21544)

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to manipulate the username field under the comment section and set the value to any user. This...

4CVSS5AI score0.00921EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.38 views

Dell (CVE-2021-21538)

Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console. This plugin only works with Tenable.ot. Please visit...

10CVSS7.3AI score0.01726EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.18 views

Dell iDRAC9 Improper Authentication (CVE-2022-24422)

Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access to the VNC Console. This plugin only works with Tenable.ot. Please visit...

10CVSS8.3AI score0.53824EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.7 views

Dell iDRAC9 Security Vulnerability

The Dell iDRAC9 is a Dell offering that provides comprehensive, embedded management, and automation capabilities across the PowerEdge family of servers. A controller. A security vulnerability exists in Dell iDRAC Service Module 5.2.0.0 and prior versions, which originates from a vulnerability tha...

7.8CVSS7.7AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2023/01/18 12:15 p.m.4 views

CVE-2022-34435

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...

4.9CVSS5.8AI score0.00513EPSS
Exploits0References1
NVD
NVD
added 2023/01/18 12:15 p.m.13 views

CVE-2022-34435

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...

4.9CVSS4.3AI score0.00513EPSS
Exploits0References1
Prion
Prion
added 2023/01/18 12:15 p.m.15 views

Input validation

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...

3.3CVSS4.9AI score0.00513EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/18 11:7 a.m.9 views

CVE-2022-34435

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...

2.7CVSS4.7AI score0.00513EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/18 11:7 a.m.24 views

CVE-2022-34435

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...

2.7CVSS5.2AI score0.00513EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.4 views

Dell iDRAC9 输入验证错误漏洞

The Dell iDRAC9 is a Dell offering that provides comprehensive, embedded management, and automation capabilities across the PowerEdge family of servers. A controller. A security vulnerability exists in Dell iDRAC9 version 6.00.02.00 and prior versions that originates from incorrect input validati...

4.9CVSS5.5AI score0.00513EPSS
Exploits0References2
CheckPoint Security
CheckPoint Security
added 2022/07/03 10:15 p.m.59 views

Check Point response to CVE-2022-0778

Symptoms Dell published CVE-2022-0778 for: iDRAC8 versions before 2.83.83.83 iDRAC9 versions before 5.10.30.00 Cause Refer to DSA-2022-154: Dell iDRAC8 and Dell iDRAC9 Security Update for an OpenSSL Vulnerability. Solution Important Note: If you have not enabled iDRAC as described in sk122914, th...

5CVSS3.6AI score0.70561EPSS
Exploits2Affected Software1
Rows per page
Query Builder