Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-25916PUBLISHED: 2023-02-01Versions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scan' function.
CVE-2022-34400PUBLISHED: 2023-02-01Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.
CVE-2022-34443PUBLISHED: 2023-02-01Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges.
CVE-2022-34458PUBLISHED: 2023-02-01
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in download operation component. A local malicious user could potentially exploit this vulnerability leading to the disclo...
CVE-2022-34459PUBLISHED: 2023-02-01Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution.
User Rank: Apprentice
5/28/2019 | 11:48:27 AM