Multiple vulnerabilities in Dell PowerStoreT OS
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 99 |
| CVE-ID | CVE-2024-56704 CVE-2024-56600 CVE-2024-56623 CVE-2024-57791 CVE-2024-56759 CVE-2024-56548 CVE-2024-8805 CVE-2024-56539 CVE-2024-56631 CVE-2022-49035 CVE-2024-53240 CVE-2024-56650 CVE-2024-53239 CVE-2024-53214 CVE-2024-53179 CVE-2024-53173 CVE-2024-53156 CVE-2024-53146 CVE-2024-53144 CVE-2024-56604 CVE-2024-56605 CVE-2024-49995 CVE-2024-35863 CVE-2024-50199 CVE-2024-50205 CVE-2024-12085 CVE-2024-52530 CVE-2025-36572 CVE-2024-45818 CVE-2024-45817 CVE-2024-45819 CVE-2024-12086 CVE-2024-12088 CVE-2024-12747 CVE-2024-12087 CVE-2024-13176 CVE-2024-56601 CVE-2022-49043 CVE-2024-12133 CVE-2024-52531 CVE-2024-52532 CVE-2024-50302 CVE-2024-57893 CVE-2023-52923 CVE-2024-57849 CVE-2024-56658 CVE-2024-56664 CVE-2023-52524 CVE-2024-50208 CVE-2024-11187 CVE-2024-46849 CVE-2024-47674 CVE-2024-50047 CVE-2024-49867 CVE-2024-49860 CVE-2024-49936 CVE-2022-49015 CVE-2024-49974 CVE-2022-48967 CVE-2022-49025 CVE-2022-48988 CVE-2022-48991 CVE-2022-48962 CVE-2022-48947 CVE-2024-46818 CVE-2024-46816 CVE-2024-46817 CVE-2022-48970 CVE-2024-49982 CVE-2022-49023 CVE-2024-49991 CVE-2021-47589 CVE-2024-52533 CVE-2024-47747 CVE-2024-47668 CVE-2024-53061 CVE-2024-50115 CVE-2024-50154 CVE-2024-53063 CVE-2024-49925 CVE-2024-53142 CVE-2024-50264 CVE-2024-50267 CVE-2024-50301 CVE-2024-50127 CVE-2024-50125 CVE-2024-50279 CVE-2024-50290 CVE-2022-49014 CVE-2024-47684 CVE-2022-48956 CVE-2024-46813 CVE-2024-47706 CVE-2024-45016 CVE-2022-49003 CVE-2022-48664 CVE-2022-48999 CVE-2023-52919 CVE-2022-48960 |
| CWE-ID | CWE-415 CWE-416 CWE-20 CWE-284 CWE-119 CWE-476 CWE-125 CWE-190 CWE-908 CWE-457 CWE-444 CWE-798 CWE-667 CWE-833 CWE-401 CWE-200 CWE-22 CWE-362 CWE-385 CWE-400 CWE-835 CWE-399 CWE-193 CWE-191 CWE-682 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #42 is being exploited in the wild. |
| Vulnerable software |
PowerStore 3200Q Hardware solutions / Firmware PowerStore 9200T Hardware solutions / Firmware PowerStore 9000T Hardware solutions / Firmware PowerStore 7000T Hardware solutions / Firmware PowerStore 5200T Hardware solutions / Firmware PowerStore 5000T Hardware solutions / Firmware PowerStore 3200T Hardware solutions / Firmware PowerStore 3000T Hardware solutions / Firmware PowerStore 1200T Hardware solutions / Firmware PowerStore 1000T Hardware solutions / Firmware PowerStore 500T Hardware solutions / Firmware PowerStoreT OS Hardware solutions / Firmware |
| Vendor | Dell |
Security Bulletin
This security bulletin contains information about 99 vulnerabilities.
1) Double free
EUVDB-ID: #VU102192
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56704
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the xen_9pfs_front_free() function in net/9p/trans_xen.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use-after-free
EUVDB-ID: #VU102016
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56600
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the htons() function in net/ipv6/af_inet6.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use-after-free
EUVDB-ID: #VU102023
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56623
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qla2x00_do_dpc() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU102990
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57791
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the smc_clc_wait_msg() function in net/smc/smc_clc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU102393
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56759
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_force_cow_block() and btrfs_cow_block() functions in fs/btrfs/ctree.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use-after-free
EUVDB-ID: #VU102075
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56548
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfsplus_read_wrapper() function in fs/hfsplus/wrapper.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper access control
EUVDB-ID: #VU97651
Risk: High
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-8805
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions within the implementation of the HID over GATT Profile. A remote attacker on the local network can bypass implemented security restrictions and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU102236
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56539
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/wireless/marvell/mwifiex/fw.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Use-after-free
EUVDB-ID: #VU102024
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56631
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sg_release() function in drivers/scsi/sg.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU102285
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49035
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the s5p_cec_irq_handler() function in drivers/media/cec/platform/s5p/s5p_cec.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) NULL pointer dereference
EUVDB-ID: #VU101818
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-53240
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote backend to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the guest xen-netfront driver. A a malicious network backend can crash the guest OS.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Out-of-bounds read
EUVDB-ID: #VU102078
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56650
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the led_tg_check() function in net/netfilter/xt_LED.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Use-after-free
EUVDB-ID: #VU102070
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53239
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb6fire_chip_abort(), usb6fire_chip_destroy(), usb6fire_chip_probe() and usb6fire_chip_disconnect() functions in sound/usb/6fire/chip.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Out-of-bounds read
EUVDB-ID: #VU102092
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53214
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vfio_virt_config_read() and vfio_config_do_rw() functions in drivers/vfio/pci/vfio_pci_config.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Use-after-free
EUVDB-ID: #VU102054
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53179
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_get_sign_key(), smb2_find_smb_ses_unlocked(), smb2_calc_signature() and smb3_calc_signature() functions in fs/smb/client/smb2transport.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Use-after-free
EUVDB-ID: #VU102058
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53173
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_open_release() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Out-of-bounds read
EUVDB-ID: #VU101911
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53156
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the htc_connect_service() function in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Integer overflow
EUVDB-ID: #VU101921
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53146
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the decode_cb_compound4res() function in fs/nfsd/nfs4callback.c. A local user can execute arbitrary code.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Input validation error
EUVDB-ID: #VU101815
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53144
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_user_confirm_request_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Use-after-free
EUVDB-ID: #VU102019
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56604
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rfcomm_sock_alloc() function in net/bluetooth/rfcomm/sock.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Use-after-free
EUVDB-ID: #VU102020
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56605
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_alloc() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Buffer overflow
EUVDB-ID: #VU99192
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49995
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bearer_name_validate() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Use-after-free
EUVDB-ID: #VU90151
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-35863
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Use-after-free
EUVDB-ID: #VU100120
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50199
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the unuse_mm() function in mm/swapfile.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Use of uninitialized resource
EUVDB-ID: #VU100136
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50205
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the apply_constraint_to_size() function in sound/firewire/amdtp-stream.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Use of Uninitialized Variable
EUVDB-ID: #VU102730
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12085
CWE-ID:
CWE-457 - Use of Uninitialized Variable
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to information leak when comparing file checksums. A remote attacker can pass specially crafted data to the daemon and read 1 byte of uninitialized memory from stack.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU100445
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-52530
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Use of hard-coded credentials
EUVDB-ID: #VU109882
Risk: Medium
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-36572
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in the PowerStore image file. A remote user with access to the system can abuse hard-coded credentials to escalate privileges.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper locking
EUVDB-ID: #VU100325
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-45818
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to perform a denial of service attack (DoS) on the target system.
The vulnerability exists due to improper locking in standard VGA implementation. A malicious guest can cause a deadlock and perform a denial of service attack against the entire host.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Deadlock
EUVDB-ID: #VU97680
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45817
CWE-ID:
CWE-833 - Deadlock
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack (DoS) on the target system.
The vulnerability exists due to a deadlock within the vlapic_error() function. A buggy or malicious HVM or PVH guest can deadlock Xen and perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Memory leak
EUVDB-ID: #VU100327
Risk: Medium
CVSSv4.0: 5.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-45819
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to gain access to sensitive information.
The vulnerability exists due data leak in libxl related to how PBH guests work with ACPI tables. A malicious guest can access sensitive information pertaining to the host, control domain, or other guests.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Information disclosure
EUVDB-ID: #VU102732
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12086
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application when handling checksums. A remote attacker can trick the victim into connecting to an attacker-controlled server and enumerate contents of arbitrary files on the client's machine, basically allowing a rouge server to read contents byte-by-byte of any file on the client's system.
This issue occurs when files are being copied from a client to a server.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Path traversal
EUVDB-ID: #VU102736
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12088
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote server to write files to arbitrary locations on the system.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Race condition
EUVDB-ID: #VU102739
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-12747
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a race condition when handling symbolic links. A local user can replace a file with a symbolic link, bypass implemented protection in rsync that prevents software from following symbolic links and read contents of arbitrary files on the system with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Path traversal
EUVDB-ID: #VU102734
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12087
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote server to write files to arbitrary locations on the system.
The vulnerability exists due to input validation error when using "--inc-recursive" option. A remote attacker can can trick the victim into connecting to a rouge rsync server and write arbitrary files to arbitrary locations on the client system.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Covert Timing Channel
EUVDB-ID: #VU103600
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-13176
CWE-ID:
CWE-385 - Covert Timing Channel
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to recover a private key.
The vulnerability exists due to a timing side-channel in ECDSA signature computations. A remote attacker can recover the private key and decrypt data.
Successful exploitation of the vulnerability requires that the attacker's process must either be located in the same physical computer or must have a very fast network connection with low latency.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Use-after-free
EUVDB-ID: #VU102015
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56601
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the htons() function in net/ipv4/af_inet.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Use-after-free
EUVDB-ID: #VU103502
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-49043
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the xmlXIncludeAddNode() function in xinclude.c. A remote attacker can pass specially crafted XML input to the application, trigger a use-after-free error and crash the application or potentially execute arbitrary code.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Resource exhaustion
EUVDB-ID: #VU103980
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12133
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources processing a large number of SEQUENCE OF or SET OF elements in a certificate. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Buffer overflow
EUVDB-ID: #VU100995
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-52531
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when performing conversion to UTF-8. A remote attacker can trigger memory corruption and crash the application.
Install update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Infinite loop
EUVDB-ID: #VU100446
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-52532
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop when reading WebSocket data. A remote attacker can trick the victim into visiting a specially crafted website, consume all available system resources and cause denial of service conditions.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Memory leak
EUVDB-ID: #VU100611
Risk: Medium
CVSSv4.0: 6.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]
CVE-ID: CVE-2024-50302
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hid_alloc_report_buf() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
Note, the vulnerability is being actively exploited in the wild against Android devices.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
43) Out-of-bounds read
EUVDB-ID: #VU102918
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57893
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the DEFINE_SPINLOCK() and snd_seq_oss_synth_sysex() functions in sound/core/seq/oss/seq_oss_synth.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Improper locking
EUVDB-ID: #VU103086
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52923
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nft_rbtree_cmp(), __nft_rbtree_lookup(), nft_rbtree_get(), nft_rbtree_gc_elem(), nft_rbtree_activate(), nft_rbtree_flush() and nft_rbtree_gc() functions in net/netfilter/nft_set_rbtree.c, within the pipapo_drop(), pipapo_gc() and nft_pipapo_activate() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_cmp(), nft_rhash_activate(), nft_rhash_flush(), nft_rhash_deactivate(), nft_rhash_gc() and nft_rhash_destroy() functions in net/netfilter/nft_set_hash.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Use-after-free
EUVDB-ID: #VU102912
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57849
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cpumsf_pmu_stop() function in arch/s390/kernel/perf_cpum_sf.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Use-after-free
EUVDB-ID: #VU102033
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56658
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LLIST_HEAD(), net_free() and cleanup_net() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Use-after-free
EUVDB-ID: #VU102034
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56664
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sock_map_lookup_sys() function in net/core/sock_map.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Improper locking
EUVDB-ID: #VU91319
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52524
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfc_llcp_register_device() function in net/nfc/llcp_core.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Buffer overflow
EUVDB-ID: #VU100141
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50208
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the bnxt_qplib_alloc_init_hwq() function in drivers/infiniband/hw/bnxt_re/qplib_res.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Resource exhaustion
EUVDB-ID: #VU103436
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-11187
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when handling DNS zones with numerous records in the Additional section. A remote attacker can trigger resource exhaustion by sending multiple queries to he affected server and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Use-after-free
EUVDB-ID: #VU97781
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46849
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the axg_card_add_tdm_loopback() function in sound/soc/meson/axg-card.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Use-after-free
EUVDB-ID: #VU98598
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47674
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the remap_p4d_range() and remap_pfn_range_notrack() functions in mm/memory.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Improper locking
EUVDB-ID: #VU98995
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50047
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the SMB2_negotiate() function in fs/smb/client/smb2pdu.c, within the smb2_get_enc_key(), crypt_message(), smb3_init_transform_rq() and decrypt_raw_data() functions in fs/smb/client/smb2ops.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Use-after-free
EUVDB-ID: #VU98885
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49867
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the close_ctree() function in fs/btrfs/disk-io.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Buffer overflow
EUVDB-ID: #VU99194
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49860
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the acpi_device_setup_files() function in drivers/acpi/device_sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Use-after-free
EUVDB-ID: #VU98873
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49936
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xenvif_new_hash() and xenvif_flush_hash() functions in drivers/net/xen-netback/hash.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Input validation error
EUVDB-ID: #VU99199
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49015
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hsr_deliver_master() function in net/hsr/hsr_forward.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Input validation error
EUVDB-ID: #VU99220
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49974
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs4_state_create_net() function in fs/nfsd/nfs4state.c, within the nfs4_put_copy() and nfsd4_copy() functions in fs/nfsd/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Input validation error
EUVDB-ID: #VU99211
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48967
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nci_add_new_protocol() function in net/nfc/nci/ntf.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Input validation error
EUVDB-ID: #VU99201
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49025
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads_termtbl.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Improper locking
EUVDB-ID: #VU99197
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48988
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the memcg_write_event_control() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Input validation error
EUVDB-ID: #VU99215
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48991
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the retract_page_tables() function in mm/khugepaged.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Input validation error
EUVDB-ID: #VU99208
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48962
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hisi_femac_rx() function in drivers/net/ethernet/hisilicon/hisi_femac.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Buffer overflow
EUVDB-ID: #VU99095
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48947
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the l2cap_config_req() function in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Input validation error
EUVDB-ID: #VU97842
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46818
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the is_pin_busy(), set_pin_busy(), set_pin_free(), dal_gpio_service_lock() and dal_gpio_service_unlock() functions in drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Resource management error
EUVDB-ID: #VU97829
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46816
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Resource management error
EUVDB-ID: #VU97830
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46817
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Resource management error
EUVDB-ID: #VU99140
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48970
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sk_diag_show_rqlen(), sk_diag_fill(), sk_diag_dump() and unix_diag_dump() functions in net/unix/diag.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Use-after-free
EUVDB-ID: #VU98879
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49982
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ata_rw_frameinit(), aoecmd_ata_rw(), resend(), probe() and aoecmd_ata_id() functions in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Buffer overflow
EUVDB-ID: #VU99098
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49023
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the cfg80211_gen_new_ie() function in net/wireless/scan.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Use-after-free
EUVDB-ID: #VU98882
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49991
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pqm_clean_queue_resource() function in drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c, within the kfd_process_destroy_pdds() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c, within the kfd_free_mqd_cp() function in drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager.c, within the deallocate_hiq_sdma_mqd() function in drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c, within the kfd_gtt_sa_fini() and kgd2kfd_device_exit() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c, within the kfd_ioctl_create_queue() function in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c, within the amdgpu_amdkfd_free_gtt_mem() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) Use-after-free
EUVDB-ID: #VU92300
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47589
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the igbvf_probe() function in drivers/net/ethernet/intel/igbvf/netdev.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
73) Off-by-one
EUVDB-ID: #VU100566
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-52533
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an off-by-one error in gio/gsocks4aproxy.c when handling responses from SOCKS4 proxy. A remote attacker can trick the victim into connecting to a malicious SOCKS4 proxy server, trigger an off-by-one error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
74) Use-after-free
EUVDB-ID: #VU98888
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47747
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ether3_remove() function in drivers/net/ethernet/seeq/ether3.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
75) Buffer overflow
EUVDB-ID: #VU98376
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47668
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the __genradix_ptr_alloc() function in lib/generic-radix-tree.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
76) Buffer overflow
EUVDB-ID: #VU100733
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53061
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the exynos4_jpeg_parse_decode_h_tbl(), get_word_be() and s5p_jpeg_parse_hdr() functions in drivers/media/platform/s5p-jpeg/jpeg-core.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
77) Out-of-bounds read
EUVDB-ID: #VU99810
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50115
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nested_svm_get_tdp_pdptr() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
78) Use-after-free
EUVDB-ID: #VU100062
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50154
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the reqsk_queue_unlink() and reqsk_timer_handler() functions in net/ipv4/inet_connection_sock.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
79) Resource management error
EUVDB-ID: #VU100741
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53063
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DECLARE_RWSEM() and dvb_register_device() functions in drivers/media/dvb-core/dvbdev.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
80) Use-after-free
EUVDB-ID: #VU98871
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49925
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efifb_probe(), pm_runtime_put() and efifb_remove() functions in drivers/video/fbdev/efifb.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
81) Use of uninitialized resource
EUVDB-ID: #VU101347
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53142
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the do_name() and do_copy() functions in init/initramfs.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
82) Use-after-free
EUVDB-ID: #VU100612
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50264
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the virtio_transport_destruct() function in net/vmw_vsock/virtio_transport_common.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
83) Use-after-free
EUVDB-ID: #VU100613
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50267
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the edge_bulk_out_data_callback() and edge_bulk_out_cmd_callback() functions in drivers/usb/serial/io_edgeport.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
84) Out-of-bounds read
EUVDB-ID: #VU100622
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50301
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the security/keys/keyring.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
85) Use-after-free
EUVDB-ID: #VU99808
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50127
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the taprio_change() function in net/sched/sch_taprio.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
86) Use-after-free
EUVDB-ID: #VU99806
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50125
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the SCO_CONN_TIMEOUT(), sco_sock_timeout() and sco_conn_del() functions in net/bluetooth/sco.c, within the bt_sock_unlink() function in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
87) Out-of-bounds read
EUVDB-ID: #VU100620
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50279
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the can_resize() function in drivers/md/dm-cache-target.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
88) Integer underflow
EUVDB-ID: #VU100637
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50290
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the cx24116_read_snr_pct() function in drivers/media/dvb-frontends/cx24116.c. A local user can execute arbitrary code.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
89) Incorrect calculation
EUVDB-ID: #VU99182
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49014
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __tun_detach() and tun_detach() functions in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
90) NULL pointer dereference
EUVDB-ID: #VU98980
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47684
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/net/tcp.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
91) Resource management error
EUVDB-ID: #VU99165
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48956
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ip6_fragment() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
92) Out-of-bounds read
EUVDB-ID: #VU97785
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46813
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dc_get_link_at_index() function in drivers/gpu/drm/amd/display/dc/core/dc_link_exports.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
93) Use-after-free
EUVDB-ID: #VU98897
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47706
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_init_rq() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
94) Use-after-free
EUVDB-ID: #VU97169
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45016
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the netem_enqueue() function in net/sched/sch_netem.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
95) Improper locking
EUVDB-ID: #VU99005
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49003
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_mpath_revalidate_paths() function in drivers/nvme/host/multipath.c, within the nvme_ns_remove() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
96) Improper locking
EUVDB-ID: #VU92031
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48664
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the close_ctree() function in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
97) Input validation error
EUVDB-ID: #VU99206
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48999
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ipv4_fcnal() function in tools/testing/selftests/net/fib_nexthops.sh, within the fib_nh_match() function in net/ipv4/fib_semantics.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
98) NULL pointer dereference
EUVDB-ID: #VU99255
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52919
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the send_acknowledge() function in net/nfc/nci/spi.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
99) Input validation error
EUVDB-ID: #VU99207
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48960
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hix5hd2_rx() function in drivers/net/ethernet/hisilicon/hix5hd2_gmac.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerStore 3200Q: All versions
PowerStore 9200T: All versions
PowerStore 9000T: All versions
PowerStore 7000T: All versions
PowerStore 5200T: All versions
PowerStore 5000T: All versions
PowerStore 3200T: All versions
PowerStore 3000T: All versions
PowerStore 1200T: All versions
PowerStore 1000T: All versions
PowerStore 500T: All versions
PowerStoreT OS: before 4.0.1.3-2494147
CPE2.3- cpe:2.3:h:dell:powerstore_3200q:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_9000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_7000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_5000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_3000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1200t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_1000t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstore_500t:*:*:*:*:*:*:*:*
- cpe:2.3:h:dell:powerstoret_os:*:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
