Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
firmware vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-4842
Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
Hp
Integrated Lights-out
Integrated Lights-out Firmware
7.2
CVSSv2
CVE-2017-5708
Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector....
Intel
Manageability Engine Firmware
1 Github repository available
2 Articles available
7.2
CVSSv2
CVE-2018-7113
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates....
2 Github repositories available
4.6
CVSSv2
CVE-2018-12179
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access....
Tianocore
Edk Ii
7.2
CVSSv2
CVE-2017-5705
Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code....
Intel
Manageability Engine Firmware
1 Github repository available
5 Articles available
6.8
CVSSv2
CVE-2013-4843
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors....
Hp
Integrated Lights-out
Integrated Lights-out Firmware
9.3
CVSSv2
CVE-2018-9232
Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update....
Twsz
Be126 Firmware
6.8
CVSSv2
CVE-2009-2827
Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FAT filesystem on a disk image....
Apple
Mac Os X
Mac Os X Server
4.3
CVSSv2
CVE-2009-2823
The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software....
Apple
Mac Os X
Mac Os X Server
1 Github repository available
5.4
CVSSv2
CVE-2009-2808
Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response....
Apple
Mac Os X
Mac Os X Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2019-0708
CVE-2020-13693
CVE-2020-10959
information disclosure
CVE-2020-13659
CVE-2020-13754
quickbox
CSRF
multi server
XML external entity
docker
verizon
CVE-2019-12027
« PREV
1
2
3
4
5
6
7
8
9
NEXT »
Vulmon