Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firmware vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2018-12147
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of ...
Intel Converged Security Management Engine Firmware
Intel Server Platform Services Firmware
Intel Trusted Execution Engine Firmware
7.2
CVSSv2
CVE-2018-12191
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services prior to 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE prior to 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute a...
Intel Converged Security Management Engine Firmware
Intel Server Platform Services Firmware
Intel Trusted Execution Engine Firmware
4.6
CVSSv2
CVE-2018-12208
Buffer overflow in HECI subsystem in Intel(R) CSME prior to 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version prior to 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrar...
Intel Server Platform Services Firmware
Intel Converged Security Management Engine Firmware
Intel Trusted Execution Engine Firmware
3.6
CVSSv2
CVE-2018-3655
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical a...
Intel Converged Security Management Engine Firmware
Intel Server Platform Services Firmware
Intel Trusted Execution Engine Firmware
5
CVSSv2
CVE-2015-5010
IBM Security Access Manager for Web 7.0 prior to 7.0.0 IF21, 8.0 prior to 8.0.1.3 IF4, and 9.0 prior to 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote malicious users to obtain access via a brute-force attack.
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.18
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.19
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.20
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.15
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.13
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.3
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.17
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16
7.2
CVSSv2
CVE-2012-2188
IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 prior to 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to ...
Ibm Power Hardware Management Console Firmware 7r7.3.0
Ibm Systems Director Management Console Firmware 6r7.3.0
Ibm Power Hardware Management Console Firmware 7r7.1.0
Ibm Power Hardware Management Console Firmware 7r7.2.0
Ibm Power Hardware Management Console Firmware 7r3.5.0
10
CVSSv2
CVE-2015-7029
Apple AirPort Base Station Firmware prior to 7.6.7 and 7.7.x prior to 7.7.7 misparses DNS data, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Apple Airport Base Station Firmware 7.7.3
Apple Airport Base Station Firmware 7.7.0
Apple Airport Base Station Firmware
7.8
CVSSv2
CVE-2015-2829
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway prior to 10.5 Build 53.9 up to and including 55.8 and 10.5.e Build 53-9010.e allow remote malicious users to cause a denial of service (reboot) via unspecified vectors.
Citrix Netscaler Application Delivery Controller Firmware 10.5
Citrix Netscaler Gateway Firmware 10.5
Citrix Netscaler Gateway Firmware 10.5e
7.5
CVSSv2
CVE-2019-18259
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands.
Omron Plc Cj Firmware
Omron Plc Cs Firmware
4.3
CVSSv2
CVE-2015-3960
The firmware in MNS prior to 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easier for remote malicious users to defeat cryptographic protection mechanism...
Garrettcom Magnum 6k Firmware
Garrettcom Magnum 10k Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »