Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-6260
The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual case...
Aspeedtech Ast2400 Firmware
Aspeedtech Ast2500 Firmware
Netapp Fas\\/aff Baseboard Management Controller
7.2
CVSSv3
CVE-2020-26122
Inspur NF5266M5 up to and including 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller (BMC) program of INSPUR server is weak in checking the firmware and lacks the signature verification mechanism, the...
Inspur Nf8480m5 Firmware
Inspur Nf8260m5 Firmware
Inspur Ns5162m5 Firmware
Inspur Ns5488m5 Firmware
Inspur Ns5484m5 Firmware
Inspur Ns5482m5 Firmware
Inspur Nf5280m5 Firmware
Inspur Nf5468m5 Firmware
Inspur Nf5488m5-d Firmware
Inspur Nf5180m5 Firmware
Inspur Nf5270m5 Firmware
Inspur Nf5260m5 Firmware
Inspur Nf5266m5 Firmware
Inspur Nf5466m5 Firmware
Inspur Nf5486m5 Firmware
8.8
CVSSv3
CVE-2021-0101
Buffer overflow in the BMC firmware for Intel(R) Server BoardM10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.
Intel Efi Bios 7215
6.5
CVSSv3
CVE-2021-0097
Path traversal in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.
Intel Efi Bios 7215
9.1
CVSSv3
CVE-2019-4169
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702.
Ibm Open Power Op910
Ibm Open Power Op920
7.5
CVSSv3
CVE-2020-11615
NVIDIA DGX servers, all BMC firmware versions before 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.
Intel Bmc Firmware
6.5
CVSSv3
CVE-2021-26581
A potential security vulnerability has been identified in HPE Superdome Flex server. A denial of service attack can be remotely exploited leaving hung connections to the BMC web interface. The monarch BMC must be rebooted to recover from this situation. Other BMC management is no...
Hpe Superdome Flex Server Firmware
8.8
CVSSv3
CVE-2021-0070
Improper input validation in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.
Intel Efi Bios 7215
6.5
CVSSv3
CVE-2021-0113
Out of bounds write in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.
Intel Efi Bios 7215
7.2
CVSSv3
CVE-2018-9086
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
Lenovo Thinkserver Rd340 Firmware
Lenovo Thinkserver Rd440 Firmware
Lenovo Thinkserver Rd640 Firmware
Lenovo Thinkserver Td340 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »