Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-42283
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.
Nvidia Bmc
6.7
CVSSv3
CVE-2023-0201
NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure.
Nvidia Bmc
9.8
CVSSv3
CVE-2023-34257
An issue exists in BMC Patrol up to and including 23.1.00. The agent's configuration can be remotely modified (and, by default, authentication is not required). Some configuration fields related to SNMP (e.g., masterAgentName or masterAgentStartLine) result in code execution...
Bmc Patrol Agent
9.8
CVSSv3
CVE-2023-39122
BMC Control-M up to and including 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200).
Bmc Control-m
9.8
CVSSv3
CVE-2019-8352
By default, BMC PATROL Agent up to and including 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials ...
Bmc Patrol Agent
1 EDB exploit
NA
CVE-2013-4783
The Dell iDRAC6 with firmware 1.x prior to 1.92 and 2.x and 3.x prior to 3.42, and iDRAC7 with firmware prior to 1.23.23, allows remote malicious users to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password...
Dell Idrac6 Bmc
9.8
CVSSv3
CVE-2017-9453
BMC Server Automation prior to 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass.
Bmc Server Automation
7.8
CVSSv3
CVE-2020-35593
BMC PATROL Agent up to and including 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
Bmc Patrol Agent
5.3
CVSSv3
CVE-2016-5063
The RSCD agent in BMC Server Automation prior to 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote malicious users to bypass authorization checks and make an RPC call via unspecified vectors.
Bmc Server Automation
2 EDB exploits
2 Github repositories
7.8
CVSSv3
CVE-2019-17044
An issue exists in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file...
Bmc Patrol Agent 9.0.10i
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »