Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
power management vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-22815
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): AP9630...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
8.8
CVSSv3
CVE-2022-0435
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly esc...
Linux Linux Kernel 5.17
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.2
Redhat Enterprise Linux For Real Time Tus 8.4
Redhat Enterprise Linux For Real Time Tus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Real Time For Nfv 8
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
1 Github repository
6.1
CVSSv3
CVE-2021-22810
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to a delete pol...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
6.1
CVSSv3
CVE-2021-22811
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause script execution when the request of a privileged account accessing the vulnerable web page is intercepted. Affected Products: 1-Phase Un...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
6.1
CVSSv3
CVE-2021-22812
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Ph...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
6.1
CVSSv3
CVE-2021-22813
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit poli...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
6.1
CVSSv3
CVE-2021-22814
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists which could cause arbritrary script execution when a malicious file is read and displayed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) u...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
9.8
CVSSv3
CVE-2021-3849
An authentication bypass vulnerability exists in the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware that could allow an unauthenticated malicious user to execute commands on the SMM and FPC2. SMM2 is not affected.
Lenovo Nextscale N1200 Enclosure Firmware
Lenovo Thinkagile Hx Enclosure Certified Node Firmware
Lenovo Thinkagile Vx Enclosure Firmware
Lenovo Thinksystem D2 Enclosure Firmware
Ibm Nextscale Fan Power Controller Firmware
6.5
CVSSv3
CVE-2023-4527
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function ret...
Gnu Glibc
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Power Little Endian 9.2 Ppc64le
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems S390x 9.2
Redhat Enterprise Linux For Ibm Z Systems Eus S390x 9.2
Redhat Enterprise Linux Tus 8.8
Redhat Codeready Linux Builder For Arm64 Eus 9.2 Aarch64
Redhat Codeready Linux Builder For Ibm Z Systems Eus 9.2 S390x
Redhat Codeready Linux Builder Eus For Power Little Endian 9.0 Ppc64le
Redhat Codeready Linux Builder For Ibm Z Systems 9.0 S390x
Redhat Codeready Linux Builder For Arm64 9.0 Aarch64
Redhat Codeready Linux Builder Eus For Power Little Endian Eus 9.2 Ppc64le
Redhat Codeready Linux Builder Eus 9.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 9.2 Ppc64le
Redhat Enterprise Linux For Arm 64 Eus 9.2 Aarch64
Redhat Enterprise Linux For Arm 64 9.0 Aarch64
Redhat Enterprise Linux For Power Little Endian 8.0 Ppc64le
9.8
CVSSv3
CVE-2021-3897
An authentication bypass vulnerability exists in an internal service of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware during an that could allow an unauthenticated malicious user to execute commands on the SMM and FPC2. SMM2 is not aff...
Lenovo Nextscale N1200 Enclosure Firmware
Lenovo Thinkagile Hx Enclosure Certified Node Firmware
Lenovo Thinkagile Vx Enclosure Firmware
Lenovo Thinksystem D2 Enclosure Firmware
Ibm Nextscale Fan Power Controller Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »