CVE-2022-22374

The BMC IBM Power 9 AC922 OP910, OP920, OP930, and OP940 may be subject to a firmware downgrade attack which may affect its ability to operate its host. IBM X-Force ID: 221442...

[SECURITY] Fedora 35 Update: watchdog-5.16-2.fc35

The watchdog program can be used as a powerful software watchdog daemon or may be alternately used with a hardware watchdog device such as the IPMI hardware watchdog driver interface to a resident Baseboard Management Controller BMC. watchdog periodically writes to /dev/watchdog; the interval...

[SECURITY] Fedora 34 Update: watchdog-5.16-2.fc34

The watchdog program can be used as a powerful software watchdog daemon or may be alternately used with a hardware watchdog device such as the IPMI hardware watchdog driver interface to a resident Baseboard Management Controller BMC. watchdog periodically writes to /dev/watchdog; the interval...

[SECURITY] Fedora 33 Update: watchdog-5.16-2.fc33

The watchdog program can be used as a powerful software watchdog daemon or may be alternately used with a hardware watchdog device such as the IPMI hardware watchdog driver interface to a resident Baseboard Management Controller BMC. watchdog periodically writes to /dev/watchdog; the interval...

CVE-2020-24473

Out of bounds write in the BMC firmware for some IntelR Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2021-0097

Path traversal in the BMC firmware for IntelR Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access...

CVE-2021-0113

Out of bounds write in the BMC firmware for IntelR Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access...

CVE-2021-0101

Buffer overflow in the BMC firmware for IntelR Server BoardM10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access...

CVE-2021-0097

Path traversal in the BMC firmware for IntelR Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access...

CVE-2021-0070

Improper input validation in the BMC firmware for IntelR Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access...

Intel Server Board M10JNP2SB 路径遍历漏洞

Intel Server Board M10JNP2SB is a processor from Intel Corporation USA. A security vulnerability exists in Intel Server Board M10JNP2SB prior to version 7215, BMC 8100.01.08, which allows an unauthenticated user to potentially enable denial of service via adjacent access...

Intel Server Board M10JNP2SB 缓冲区错误漏洞

Intel Server Board M10JNP2SB is a processor from Intel Corporation USA. A buffer error vulnerability exists in Intel Server Board M10JNP2SB prior to version 7215, BMC 8100.01.08, which stems from a buffer overflow that allows an unauthenticated user to potentially escalate privileges via adjacent...

Intel Server Board M10JNP2SB 输入验证错误漏洞

Intel Server Board M10JNP2SB is a processor from Intel Corporation USA. IntelR Server Board M10JNP2SB EFI BIOS prior to version 7215, BMC 8100.01.08 An input validation error vulnerability exists that stems from incorrect input validation, allowing an unauthenticated user to potentially escalate...

CVE-2021-28205

The specific function in ASUS BMC’s firmware Web management page Delete SOL video file function does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files...

CVE-2021-28206

The specific function in ASUS BMC’s firmware Web management page Record video file function does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files...

CVE-2021-28207

The specific function in ASUS BMC’s firmware Web management page Get Help file function does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files...

CVE-2021-28200

The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service...

CVE-2021-28199

The specific function in ASUS BMC’s firmware Web management page Modify user’s information function does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate th...

CVE-2021-28191

The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service...

CVE-2021-28187

The specific function in ASUS BMC’s firmware Web management page Generate new SSL certificate does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web...