CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

61 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-wmi-sysman: Do not perform hex dumping of plaintext password data. The setnewpassword function performs hex dumping of the entire buffer, which contains plaintext password data, including current and new...

5.5CVSS5.7AI score0.00018EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Avoid buffer overflow in currentpasswordstore If the 'buf' array received from the user contains an empty string, the 'length' variable will be zero. Accessing the 'buf' array element with index...

7.8CVSS6.7AI score0.0007EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-sysman: Fixed reference leak issue. If a duplicate attribute is found using ksetfindobj, a reference to that attribute is returned. This means that we need to handle this situation appropriately. In such cases,...

5.5CVSS5.7AI score0.00017EPSS

Exploits0References2

Microsoft CVE•added 2026/03/26 8:1 a.m.•0 views

platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data

...

5.5CVSS5.8AI score0.00018EPSS

Exploits0

SUSE CVE•added 2026/03/25 4:55 p.m.•2 views

SUSE CVE-2026-23370

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...

5.5CVSS5.7AI score0.00018EPSS

Exploits0References15

RedhatCVE•added 2026/03/25 3:0 p.m.•0 views

CVE-2026-23370

A flaw was found in the dell-wmi-sysman component of the Linux kernel. This vulnerability occurs because the setnewpassword function incorrectly hex dumps the entire buffer, which includes sensitive plaintext password data. A local attacker could exploit this to disclose user credentials, leading...

4.4CVSS5.7AI score0.00018EPSS

Exploits0References4

EUVD•added 2026/03/25 12:30 p.m.•0 views

EUVD-2026-15355

5.6AI score0.00018EPSS

Exploits0References7

NVD•added 2026/03/25 11:16 a.m.•0 views

CVE-2026-23370

5.5CVSS0.00018EPSS

Exploits0References7

OSV•added 2026/03/25 11:16 a.m.•0 views

UBUNTU-CVE-2026-23370

5.5CVSS5.7AI score0.00018EPSS

Exploits0References9

UbuntuCve•added 2026/03/25 11:16 a.m.•2 views

CVE-2026-23370

5.5CVSS5.7AI score0.00018EPSS

Exploits0References8

OSV•added 2026/03/25 10:27 a.m.•0 views

CVE-2026-23370 platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data

5.5CVSS5.7AI score0.00018EPSS

Exploits0References9

Cvelist•added 2026/03/25 10:27 a.m.•17 views

CVE-2026-23370 platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data

0.00018EPSS

Exploits0References7

CVE•added 2026/03/25 10:27 a.m.•4 views

CVE-2026-23370

CVE-2026-23370 concerns a Linux kernel vulnerability in platform/x86: dell-wmi-sysman where set_new_password() hex dumps the buffer containing plaintext passwords (including current/new passwords). The issue could leak credentials locally and is mitigated by removing the hex dump; upstream kernel...

5.5CVSS5.6AI score0.00018EPSS

Exploits0References7Affected Software1

Debian CVE•added 2026/03/25 10:27 a.m.•2 views

CVE-2026-23370

5.5CVSS5.2AI score0.00018EPSS

Exploits0

ATTACKERKB•added 2026/03/25 10:27 a.m.•1 views

CVE-2026-23370

5.6AI score0.00018EPSS

Exploits0References8Affected Software1

Tenable Nessus•added 2026/03/25 12:0 a.m.•0 views

Linux Distros Unpatched Vulnerability : CVE-2026-23370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data,...

5.5CVSS5.8AI score0.00018EPSS

Exploits0References3

Redos•added 2026/03/13 12:0 a.m.•2 views

ROS-20260313-73-0016

A vulnerability in the dell-wmi-sysman component of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

5.5CVSS7.3AI score0.0007EPSS

Exploits0

Redos•added 2026/02/05 12:0 a.m.•4 views

ROS-20260205-73-0033

A vulnerability in the currentpasswordstore function of the dell-wmi-sysman driver of the Linux kernel is related to buffer copying without input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS7.3AI score0.0007EPSS

Exploits0

Tenable Nessus•added 2026/01/22 12:0 a.m.•3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38077)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38077 advisory. - In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Avoid...

7.8CVSS7.3AI score0.0007EPSS

Exploits0References2

Positive Technologies•added 2026/01/01 12:0 a.m.•0 views

PT-2026-27735

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the platform/x86/dell-wmi-sysman component. The set new password function improperly hex dumps a buffer containing plaintext password data, including...

6AI score0.00018EPSS

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by