Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
baseboard management controller firmware vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-28038
An issue exists in the Linux kernel up to and including 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of se...
Linux Linux Kernel 5.12
Linux Linux Kernel
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
6.5
CVSSv3
CVE-2019-11179
Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access.
Intel Baseboard Management Controller Firmware
6.5
CVSSv3
CVE-2018-0229
A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Sof...
Cisco Anyconnect Secure Mobility Client 4.6\\(200\\)
Cisco Adaptive Security Appliance Software 9.8\\(1.245\\)
1 Article
6.1
CVSSv3
CVE-2019-6159
A stored cross-site scripting (XSS) vulnerability exists in various firmware versions of the legacy IBM System x IMM (IMM v1) embedded Baseboard Management Controller (BMC). This vulnerability could allow an unauthenticated user to cause JavaScript code to be stored in the IMM lo...
Lenovo Bladecenter Hs22 Firmware -
Lenovo Bladecenter Hs22v Firmware -
Lenovo Bladecenter Hx5 Firmware -
Lenovo System X Idataplex Dx360 M2 Firmware -
Lenovo System X Idataplex Dx360 M3 Firmware -
Lenovo System X3400 M3 Firmware -
Lenovo System X3500 M2 Firmware -
Lenovo System X3500 M3 Firmware -
Lenovo System X3550 M3 Firmware -
Lenovo System X3560 M2 Firmware -
Lenovo System X3630 M3 Firmware -
Lenovo System X3650 M3 Firmware -
Lenovo System X3690 X5 Firmware -
Lenovo System X3850 X5 Firmware -
Lenovo System X3950 X5 Firmware -
5.5
CVSSv3
CVE-2021-28971
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel up to and including 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Aff A250 Firmware -
Netapp Aff 500f Firmware -
5.3
CVSSv3
CVE-2021-22897
curl 7.61.0 up to and including 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable...
Haxx Curl
Oracle Mysql Server
Oracle Essbase
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Netapp Cloud Backup -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp H410s Firmware -
Netapp H500e Firmware -
Netapp H500s Firmware -
Netapp H700e Firmware -
Netapp H700s Firmware -
Siemens Sinec Infrastructure Network Services
5.3
CVSSv3
CVE-2019-11172
Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.
Intel Baseboard Management Controller Firmware
5.3
CVSSv3
CVE-2019-11174
Insufficient access control in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.
Intel Baseboard Management Controller Firmware
4.7
CVSSv3
CVE-2021-28964
A race condition exists in get_old_root in fs/btrfs/ctree.c in the Linux kernel up to and including 5.11.8. It allows malicious users to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Aff A250 Firmware -
Netapp Fas 500f Firmware -
4.7
CVSSv3
CVE-2019-19054
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel up to and including 5.3.11 allows malicious users to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Canonical Ubuntu Linux 14.04
Opensuse Leap 15.1
Fedoraproject Fedora 31
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Aff Baseboard Management Controller -
Netapp Data Availability Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Fas\\/aff Baseboard Management Controller -
Netapp E-series Santricity Os Controller 11.0
Netapp E-series Santricity Os Controller 11.0.0
Netapp E-series Santricity Os Controller 11.20
Netapp E-series Santricity Os Controller 11.25
Netapp E-series Santricity Os Controller 11.30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »