Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

firmware vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv2
CVE-2021-36301
Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.
Dell Emc Idrac8 FirmwareDell Emc Idrac9 Firmware
10
CVSSv2
CVE-2015-7029
Apple AirPort Base Station Firmware prior to 7.6.7 and 7.7.x prior to 7.7.7 misparses DNS data, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Apple Airport Base Station Firmware 7.7.3Apple Airport Base Station Firmware 7.7.0Apple Airport Base Station Firmware
7.8
CVSSv2
CVE-2015-2829
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway prior to 10.5 Build 53.9 up to and including 55.8 and 10.5.e Build 53-9010.e allow remote malicious users to cause a denial of service (reboot) via unspecified vectors.
Citrix Netscaler Application Delivery Controller Firmware 10.5Citrix Netscaler Gateway Firmware 10.5Citrix Netscaler Gateway Firmware 10.5e
7.2
CVSSv2
CVE-2012-2188
IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 prior to 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to ...
Ibm Power Hardware Management Console Firmware 7r7.3.0Ibm Systems Director Management Console Firmware 6r7.3.0Ibm Power Hardware Management Console Firmware 7r7.1.0Ibm Power Hardware Management Console Firmware 7r7.2.0Ibm Power Hardware Management Console Firmware 7r3.5.0
8.5
CVSSv2
CVE-2015-5018
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 prior to 8.0.1.3 IF3, and Security Access Manager 9.0 prior to 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
Ibm Security Access Manager 9.0 Firmware 9.0.0Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.3Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.13Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.3Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.2Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2Ibm Security Access Manager For Web 8.0 Firmware 8.0.1Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.10Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.15Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.14Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
4.3
CVSSv2
CVE-2014-2246
Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Siemens Simatic S7-1500 Cpu Firmware 1.1.0Siemens Simatic S7-1500 Cpu FirmwareSiemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.0.1
5.8
CVSSv2
CVE-2014-2247
The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 allows remote malicious users to inject headers via unspecified vectors.
Siemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.0.1Siemens Simatic S7-1500 Cpu FirmwareSiemens Simatic S7-1500 Cpu Firmware 1.1.0
4.3
CVSSv2
CVE-2014-2248
Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Siemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.1.0Siemens Simatic S7-1500 Cpu Firmware 1.0.1Siemens Simatic S7-1500 Cpu Firmware
8.3
CVSSv2
CVE-2014-2251
The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 does not have sufficient entropy, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors.
Siemens Simatic S7-1500 Cpu FirmwareSiemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.1.0Siemens Simatic S7-1500 Cpu Firmware 1.0.1
6.1
CVSSv2
CVE-2014-2253
Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 allow remote malicious users to cause a denial of service (defect-mode transition) via crafted Profinet packets.
Siemens Simatic S7-1500 Cpu FirmwareSiemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.1.0Siemens Simatic S7-1500 Cpu Firmware 1.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook