CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2024/04/25 12:0 a.m.•71 views

Dell EMC iDRAC8 < 2.85.85.85 (DSA-2024-089)

The version of Dell EMC iDRAC8 installed on the remote host is prior to 2.85.85.85. It is, therefore, affected by a command injection vulnerability in local RACADM. A malicious authenticated user could gain control of the underlying operating system. Note that Nessus has not tested for this issue...

8CVSS7.8AI score0.00927EPSS

NVD•added 2024/03/09 6:15 a.m.•6 views

CVE-2024-25951

A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system...

8CVSS8AI score0.00927EPSS

OSV•added 2024/03/09 6:15 a.m.•0 views

CVE-2024-25951

A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system...

8CVSS5.8AI score0.00927EPSS

Prion•added 2024/03/09 6:15 a.m.•16 views

Command injection

A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system...

5.2CVSS7.6AI score0.00927EPSS

Vulnrichment•added 2024/03/09 5:56 a.m.•11 views

CVE-2024-25951

A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system...

8CVSS7.3AI score0.00927EPSS

CVE•added 2024/03/09 5:56 a.m.•103 views

CVE-2024-25951

CVE-2024-25951 describes a command injection in Dell EMC iDRAC8 local RACADM. An authenticated user can execute commands to gain control of the underlying OS. Affected are iDRAC8 versions prior to 2.85.85.85; remediation is to update to 2.85.85.85 or later (per DSA-2024-089). Other sources corrob...

8CVSS7.9AI score0.00927EPSS

Tenable Nessus•added 2024/01/17 12:0 a.m.•25 views

Dell iDRAC8 Improper Input Validation (CVE-2022-34436)

Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...

4.9CVSS5.5AI score0.00192EPSS

OSV•added 2023/01/18 12:15 p.m.•0 views

CVE-2022-34436

4.9CVSS5.8AI score0.00192EPSS

OSV•added 2023/01/18 12:15 p.m.•1 views

CVE-2022-34435

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...

4.9CVSS5.8AI score0.00141EPSS

Prion•added 2023/01/18 12:15 p.m.•11 views

Input validation

3.3CVSS4.9AI score0.00141EPSS

Prion•added 2023/01/18 12:15 p.m.•18 views

Input validation

3.3CVSS4.9AI score0.00192EPSS

CVE•added 2023/01/18 11:7 a.m.•63 views

CVE-2022-34435

CVE-2022-34435 affects Dell iDRAC9 versions 6.00.02.00 and prior, where an improper input validation in Racadm when firmware lockdown is configured could let a remote, high-privileged attacker bypass the lockdown and perform a firmware update. Some sources cite affected range up to 6.00.30.00; th...

4.9CVSS4.9AI score0.00141EPSS

CNNVD•added 2023/01/18 12:0 a.m.•3 views

Dell iDRAC9 输入验证错误漏洞

The Dell iDRAC9 is a Dell offering that provides comprehensive, embedded management, and automation capabilities across the PowerEdge family of servers. A controller. A security vulnerability exists in Dell iDRAC9 version 6.00.02.00 and prior versions that originates from incorrect input validati...

4.9CVSS5.5AI score0.00141EPSS

CNNVD•added 2023/01/18 12:0 a.m.•2 views

Dell iDRAC8 输入验证错误漏洞

The Dell iDRAC8 is a controller from Dell, Inc. It provides provides comprehensive, embedded management, and automation capabilities across the PowerEdge family of servers. A security vulnerability exists in Dell iDRAC8 version 2.83.83.83 and prior versions, which stems from incorrect input...

4.9CVSS5.5AI score0.00192EPSS

Tenable Nessus•added 2022/11/15 12:0 a.m.•67 views

Dell EMC iDRAC9 < 6.00.30.00 (DSA-2022-265)

The version of Dell EMC iDRAC9 installed on the remote host is prior to 6.00.30.00. It is, therefore, affected by a vulnerability as referenced in the DSA-2022-265 advisory. - Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware...

4.9CVSS5.5AI score0.00141EPSS

NVD•added 2021/11/23 8:15 p.m.•15 views

CVE-2021-36301

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system...

7.2CVSS0.14489EPSS

OSV•added 2021/11/23 8:15 p.m.•0 views

CVE-2021-36301

7.2CVSS7.2AI score0.14489EPSS