Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2016-9638
In BMC Patrol prior to 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. The "listguests64" program will then run "vi...
Bmc Patrol
7.2
CVSSv2
CVE-1999-1460
BMC PATROL SNMP Agent prior to 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.
Bmc Patrol Agent 3.2.5
Bmc Patrol Agent
Bmc Patrol Agent 3.2
Bmc Patrol Agent 3.2.3
1 EDB exploit
7.2
CVSSv2
CVE-1999-1459
BMC PATROL Agent prior to 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file.
Bmc Patrol Agent 3.2
Bmc Patrol Agent 3.2.3
6.9
CVSSv2
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Bmc Patrol Agent 3.9.00
6.8
CVSSv2
CVE-2020-11485
NVIDIA DGX servers, all DGX-1 with BMC firmware versions before 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally...
Intel Bmc Firmware
6.8
CVSSv2
CVE-2019-4621
IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 up to and including 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 16...
Ibm Datapower Gateway
6.8
CVSSv2
CVE-2017-18223
BMC Remedy AR System prior to 9.1 SP3, when Remedy AR Authentication is enabled, allows malicious users to obtain administrative access.
Bmc Remedy Action Request System
6.8
CVSSv2
CVE-2012-4112
The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330.
Cisco Unified Computing System -
6.8
CVSSv2
CVE-2006-2491
Cross-site scripting (XSS) vulnerability in (1) index.php and (2) bmc/admin.php in BoastMachine (bMachine) 3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the query string, which is not properly filtered when it is accessed using...
Kailash Nadh Boastmachine 2.5
Kailash Nadh Boastmachine 2.7
Kailash Nadh Boastmachine 2.8
Kailash Nadh Boastmachine 2.9b
Boastmachine Boastmachine 3.0
Boastmachine Boastmachine
1 EDB exploit
6.6
CVSSv2
CVE-2012-4089
MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-level, or (3) debug-level privileges at the operating-system layer, aka Bug ID CSCt...
Cisco Unified Computing System -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »