Baseboard Management Controller Firmware Security Vulnerabilities
Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network...
4.9CVSS
5AI Score
0.001EPSS
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a...
7.8CVSS
7.7AI Score
0.001EPSS
Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.3AI Score
0.0004EPSS
Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via adjacent...
8CVSS
7.6AI Score
0.0004EPSS
Improper initialization in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
6.6AI Score
0.0004EPSS
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network...
9.1CVSS
8.2AI Score
0.002EPSS
Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network...
7.5CVSS
8.5AI Score
0.001EPSS
Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network...
7.8CVSS
8.7AI Score
0.0004EPSS
Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network...
9.8CVSS
8.8AI Score
0.002EPSS
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local...
7.1CVSS
8.1AI Score
0.0004EPSS
Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network...
7.5CVSS
8.3AI Score
0.001EPSS
Unhandled exception in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network...
7.5CVSS
8.3AI Score
0.001EPSS
Insufficient access control in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network...
5.3CVSS
8.1AI Score
0.001EPSS
Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network...
5.3CVSS
8.1AI Score
0.001EPSS
Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local...
7.8CVSS
8.6AI Score
0.0004EPSS
Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network...
8.1CVSS
8.3AI Score
0.001EPSS
Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network...
7.5CVSS
8.3AI Score
0.001EPSS
Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network...
6.5CVSS
8AI Score
0.001EPSS
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced.....
5.6CVSS
6.4AI Score
0.0005EPSS