Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firmware vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2018-3655
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical a...
Intel Converged Security Management Engine Firmware
Intel Server Platform Services Firmware
Intel Trusted Execution Engine Firmware
7.6
CVSSv3
CVE-2018-12191
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services prior to 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE prior to 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute a...
Intel Converged Security Management Engine Firmware
Intel Server Platform Services Firmware
Intel Trusted Execution Engine Firmware
7.6
CVSSv3
CVE-2018-12208
Buffer overflow in HECI subsystem in Intel(R) CSME prior to 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version prior to 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrar...
Intel Server Platform Services Firmware
Intel Converged Security Management Engine Firmware
Intel Trusted Execution Engine Firmware
6.7
CVSSv3
CVE-2018-12147
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of ...
Intel Converged Security Management Engine Firmware
Intel Server Platform Services Firmware
Intel Trusted Execution Engine Firmware
7.5
CVSSv3
CVE-2015-5010
IBM Security Access Manager for Web 7.0 prior to 7.0.0 IF21, 8.0 prior to 8.0.1.3 IF4, and 9.0 prior to 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote malicious users to obtain access via a brute-force attack.
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.18
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.19
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.20
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.15
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.13
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.3
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.17
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16
NA
CVE-2015-3960
The firmware in MNS prior to 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easier for remote malicious users to defeat cryptographic protection mechanism...
Garrettcom Magnum 6k Firmware
Garrettcom Magnum 10k Firmware
NA
CVE-2015-3959
The firmware in MNS prior to 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate malicious users to obtain access by establishing a console session to a nonstandard i...
Garrettcom Magnum 6k Firmware
Garrettcom Magnum 10k Firmware
8.1
CVSSv3
CVE-2019-13533
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.
Omron Plc Cj Firmware
Omron Plc Cs Firmware
7.2
CVSSv3
CVE-2021-36301
Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.
Dell Emc Idrac8 Firmware
Dell Emc Idrac9 Firmware
9.8
CVSSv3
CVE-2016-1984
The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices prior to 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote malicious users to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015...
Harman Amx Firmware 1.3.100
Harman Amx Firmware 1.2.322
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »