Dell Inspiron 3891 Firmware vulnerabilities

51 known vulnerabilities affecting dell/inspiron_3891_firmware.

Total CVEs
51
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH12MEDIUM38LOW1

Vulnerabilities

Page 2 of 3
CVE-2023-28060MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28060 [MEDIUM] CWE-20 CVE-2023-28060: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28032MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28032 [MEDIUM] CWE-20 CVE-2023-28032: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28052MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28052 [MEDIUM] CWE-20 CVE-2023-28052: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28059MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28059 [MEDIUM] CWE-20 CVE-2023-28059: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28058MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28058 [MEDIUM] CWE-20 CVE-2023-28058: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28034MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28034 [MEDIUM] CWE-20 CVE-2023-28034: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28031MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28031 [MEDIUM] CWE-20 CVE-2023-28031: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28044MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28044 [MEDIUM] CWE-20 CVE-2023-28044: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28056MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28056 [MEDIUM] CWE-20 CVE-2023-28056: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28040MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28040 [MEDIUM] CWE-20 CVE-2023-28040: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28035MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28035 [MEDIUM] CWE-20 CVE-2023-28035: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28033MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28033 [MEDIUM] CWE-20 CVE-2023-28033: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28026MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28026 [MEDIUM] CWE-20 CVE-2023-28026: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2023-28029MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-28029 [MEDIUM] CWE-20 CVE-2023-28029: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable
nvd
CVE-2023-25937MEDIUMCVSS 6.7fixed in 1.17.02023-06-23
CVE-2023-25937 [MEDIUM] CWE-20 CVE-2023-25937: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2022-24410MEDIUMCVSS 4.2fixed in 1.0.202023-02-10
CVE-2022-24410 [MEDIUM] CWE-200 CVE-2022-24410: Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with ph Dell BIOS contains an information exposure vulnerability. An unauthenticated local attacker with physical access to the system and knowledge of the system configuration could potentially exploit this vulnerability to read system information via debug interfaces.
nvd
CVE-2022-34400HIGHCVSS 7.1fixed in 1.12.02023-02-01
CVE-2022-34400 [HIGH] CWE-122 CVE-2022-34400: Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges cou Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.
nvd
CVE-2022-34403HIGHCVSS 8.8fixed in 1.12.02023-02-01
CVE-2022-34403 [HIGH] CWE-121 CVE-2022-34403: Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker coul Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-32482MEDIUMCVSS 5.1fixed in 1.12.02023-02-01
CVE-2022-32482 [MEDIUM] CWE-20 CVE-2022-32482: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2022-26859HIGHCVSS 7.0fixed in 1.4.12022-09-06
CVE-2022-26859 [MEDIUM] CWE-367 CVE-2022-26859: Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.
nvd
← Previous2 / 3Next →
Dell Inspiron 3891 Firmware vulnerabilities | cvebase