Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fsp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-1022
Directory traversal vulnerability in fsp prior to 2.81.b18 allows remote users to access files outside the FSP root directory.
Debian Fsp
7.5
CVSSv2
CVE-2004-0011
Buffer overflow in fsp prior to 2.81.b18 allows remote users to execute arbitrary code.
Debian Fsp
5
CVSSv2
CVE-2006-7221
Multiple off-by-one errors in fsplib.c in fsplib prior to 0.8 allow malicious users to cause a denial of service via unspecified vectors involving the (1) name and (2) d_name entry attributes.
Fsp C Library
5
CVSSv2
CVE-2007-3961
Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib prior to 0.9 allows remote malicious users to cause a denial of service via a directory entry whose length is exactly MAXNAMELEN, which prevents a terminating null byte from being added.
Fsp C Library
7.5
CVSSv2
CVE-2007-3962
Multiple stack-based buffer overflows in fsplib.c in fsplib prior to 0.9 might allow remote malicious users to execute arbitrary code via (1) a long filename that is not properly handled by the fsp_readdir_native function when MAXNAMLEN is greater than 255, or (2) a long d_name d...
Fsp C Library
NA
CVE-2022-22445
An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware.
Ibm Powervm Hypervisor
5
CVSSv2
CVE-2021-29765
IBM PowerVM Hypervisor FW940 and FW950 could allow an malicious user to obtain sensitive information if they gain service access to the FSP. IBM X-Force ID: 202476.
Ibm Powervm Fw950
Ibm Powervm Fw940
7.5
CVSSv2
CVE-1999-1411
The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.
Debian Debian Linux 2.0
4.6
CVSSv2
CVE-2022-22309
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095.
Ibm Power System S922 Firmware
9.4
CVSSv2
CVE-2021-38917
IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of carefully crafted service procedures. IBM X-Force ID: 210018.
Ibm Powervm Hypervisor Fw860
Ibm Powervm Hypervisor Fw940
Ibm Powervm Hypervisor Fw950
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »