Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-24047
This vulnerability allows remote malicious users to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results f...
Bmc Track-it\\! 20.21.01.102
7.5
CVSSv2
CVE-2017-17674
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code ex...
Bmc Remedy Mid-tier 9.1
7.5
CVSSv2
CVE-2020-11486
NVIDIA DGX servers, all DGX-1 with BMC firmware versions before 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an malicious user to upload or transfer files that can be automatically processed within the product's environment, which may lea...
Intel Bmc Firmware
7.5
CVSSv2
CVE-2020-11483
NVIDIA DGX servers, all DGX-1 with BMC firmware versions before 3.38.30 and all DGX-2 with BMC firmware versions before 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or in...
Intel Bmc Firmware
7.5
CVSSv2
CVE-2019-16755
BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote malicious users to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versio...
Bmc Myit Digital Workplace
7.5
CVSSv2
CVE-2019-16650
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virt...
Supermicro X11dai-n Firmware 1.71.5
Supermicro X11dac Firmware 1.71.5
Supermicro X11dph-tq Firmware 1.71.5
Supermicro X11dph-i Firmware 1.71.5
Supermicro X11dph-t Firmware 1.71.5
Supermicro X11dps-re Firmware 1.71.5
Supermicro X11dsf-e Firmware 1.71.5
Supermicro X11dsn-ts Firmware 1.71.5
Supermicro X11dsn-tsq Firmware 1.71.5
Supermicro X11dsc\\+ Firmware 1.74
Supermicro X11ddw-nt Firmware 1.71.5
Supermicro X11ddw-l Firmware 1.71.5
Supermicro X11dgq Firmware 1.71.5
Supermicro X11dpff-sn Firmware 1.71.5
Supermicro X11dpfr-sn Firmware 1.71.5
Supermicro X11dpfr-s Firmware 1.71.5
Supermicro X11dpt-ps Firmware 1.71.5
Supermicro X11dpt-b Firmware 1.71.5
Supermicro X11dpt-bh Firmware 1.71.5
Supermicro X11dpt-l Firmware 3.74
Supermicro X11dpu Firmware 1.71.5
Supermicro X11dpu-v Firmware 1.71.5
7.5
CVSSv2
CVE-2019-5497
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
Netapp Aff A700s Firmware
Netapp Clustered Data Ontap -
7.5
CVSSv2
CVE-2019-8352
By default, BMC PATROL Agent up to and including 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials ...
Bmc Patrol Agent
1 EDB exploit
7.5
CVSSv2
CVE-2019-6260
The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual case...
Aspeedtech Ast2400 Firmware
Aspeedtech Ast2500 Firmware
Netapp Fas\\/aff Baseboard Management Controller
7.5
CVSSv2
CVE-2018-12171
Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.
Intel Bmc Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »