Dell Vostro 3710 Firmware vulnerabilities

46 known vulnerabilities affecting dell/vostro_3710_firmware.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

HIGH7MEDIUM35LOW4

Vulnerabilities

Page 2 of 3

CVE-2023-28032MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28032 [MEDIUM] CWE-20 CVE-2023-28032: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28052MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28052 [MEDIUM] CWE-20 CVE-2023-28052: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28059MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28059 [MEDIUM] CWE-20 CVE-2023-28059: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28058MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28058 [MEDIUM] CWE-20 CVE-2023-28058: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28034MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28034 [MEDIUM] CWE-20 CVE-2023-28034: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28031MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28031 [MEDIUM] CWE-20 CVE-2023-28031: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28044MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28044 [MEDIUM] CWE-20 CVE-2023-28044: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28056MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28056 [MEDIUM] CWE-20 CVE-2023-28056: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28040MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28040 [MEDIUM] CWE-20 CVE-2023-28040: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28035MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28035 [MEDIUM] CWE-20 CVE-2023-28035: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28033MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28033 [MEDIUM] CWE-20 CVE-2023-28033: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28026MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28026 [MEDIUM] CWE-20 CVE-2023-28026: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2023-28029MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-28029 [MEDIUM] CWE-20 CVE-2023-28029: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable

nvd

CVE-2023-25937MEDIUMCVSS 6.7fixed in 1.11.02023-06-23

CVE-2023-25937 [MEDIUM] CWE-20 CVE-2023-25937: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2022-32482MEDIUMCVSS 5.1fixed in 1.7.32023-02-01

CVE-2022-32482 [MEDIUM] CWE-20 CVE-2022-32482: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

nvd

CVE-2022-31226HIGHCVSS 7.8fixed in 1.1.662022-09-12

CVE-2022-31226 [HIGH] CWE-121 CVE-2022-31226: Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malici Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.

nvd

CVE-2022-31225MEDIUMCVSS 5.1fixed in 1.1.662022-09-12

CVE-2022-31225 [MEDIUM] CWE-252 CVE-2022-31225: Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administra Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.

nvd

CVE-2022-31222MEDIUMCVSS 4.4fixed in 1.1.662022-09-12

CVE-2022-31222 [MEDIUM] CWE-401 CVE-2022-31222: Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A l Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash.

nvd

CVE-2022-31220MEDIUMCVSS 5.1fixed in 1.1.662022-09-12

CVE-2022-31220 [MEDIUM] CWE-1038 CVE-2022-31220: Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administra Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.

nvd

CVE-2022-31224LOWCVSS 2.4fixed in 1.1.662022-09-12

CVE-2022-31224 [LOW] CWE-1247 CVE-2022-31224: Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior of the system.

nvd

← Previous2 / 3Next →