Intel Server Board 缓冲区错误漏洞

Intel Server Board is a server motherboard from Intel Corporation USA. A security vulnerability exists in Intel Server Board BMC firmware versions prior to 2.90, which originates from an out-of-bounds read issue. An attacker could exploit the vulnerability to cause information disclosure...

fwupd: world readable password in /etc/fwupd/redfish.conf

A flaw was found in fwupd. When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file...

PT-2023-20121 · Nvidia · Nvidia Dgx-1 Bmc

Name of the Vulnerable Software and Affected Versions: NVIDIA DGX-1 BMC affected versions not specified Description: The issue is related to the IPMI handler in the NVIDIA DGX-1 BMC, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certai...

PT-2023-8258 · Nvidia · Nvidia Dgx A100

Name of the Vulnerable Software and Affected Versions: NVIDIA DGX A100 baseboard management controller BMC affected versions not specified Description: The issue is related to a stack overflow vulnerability in the host KVM daemon of the NVIDIA DGX A100 baseboard management controller BMC. An...

Supermicro X11 安全漏洞

The Supermicro X11 is a server motherboard from Supermicro. A security vulnerability exists in the Supermicro X11SSL-CF HW Rev 1.01, BMC firmware version 1.63, which stems from the BMC having an internal IC bus that causes the voltage to vary outside of the CPU's specified operating range, thus...

K64346530: Multiple Intel CPU vulnerabilities

Security Advisory Description CVE-2019-11168 Insufficient session validation in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access. CVE-2019-11170 Authentication bypass in Intel...

Intel Integrated Baseboard Management Controller 输入验证错误漏洞

Intel Integrated Baseboard Management Controller is an integrated baseboard management controller from Intel Corporation USA. A security vulnerability exists in Intel Integrated Baseboard Management Controller BMC version egs-0.91-179, bhs-04-45, which originates from incorrect validation of user...

Intel Integrated Baseboard Management Controller 缓冲区错误漏洞

Intel Integrated Baseboard Management Controller is an integrated baseboard management controller from Intel Corporation USA. A security vulnerability exists in Intel Integrated Baseboard Management Controller BMC versions prior to 0.72. An attacker could exploit this vulnerability to cause a...

Intel Integrated Baseboard Management Controller 安全漏洞

Intel Integrated Baseboard Management Controller is an integrated baseboard management controller from Intel Corporation USA. A security vulnerability exists in Intel Integrated Baseboard Management Controller BMC. An attacker could exploit this vulnerability to cause a denial of service on the...

SUSE CVE-2019-11168

Insufficient session validation in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access...

SUSE CVE-2019-11170

Authentication bypass in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access...

SUSE CVE-2019-11171

Heap corruption in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access...

SUSE CVE-2019-11172

Out of bound read in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access...

SUSE CVE-2019-11177

Unhandled exception in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access...

SUSE CVE-2019-11175

Insufficient input validation in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access...

SUSE CVE-2019-11179

Insufficient input validation in IntelR Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access...

SUSE CVE-2019-11180

Insufficient input validation in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access...

AMI MegaRAC SP-X BMC Redfish Vulnerabilities - Lenovo Support US

No description provided...

VulnCheck KEV: CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

PT-2023-2915 · Supermicro · Supermicro X11Sse-F

Name of the Vulnerable Software and Affected Versions: Supermicro X11SSL-CF HW Rev 1.01, BMC firmware version 1.63 Description: The issue is related to the PMBus interface of the VRM module in Supermicro BMC controllers, where there is an incorrect assignment of permissions for a critical resourc...