39 matches found
EUVD-2019-15726
Malware in sbrugna...
EUVD-2018-20671
Malware in sbrugna...
EUVD-2012-2181
Malware in sbrugna...
EUVD-2013-3961
Malware in sbrugna...
CVE-2021-3723
A command injection vulnerability was reported in the Integrated Management Module IMM of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session...
CVE-2020-8332
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected...
Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerabilities in libxml/libxml2
Summary IBM Integrated Management Module II IMM2 has addressed the following vulnerabilities in libxml/libxml2. Vulnerability Details CVEID: CVE-2017-5130 DESCRIPTION: Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libxml2. By persuading a victi...
Security Bulletin: IBM System x and Flex Systems Browser Exploit Against SSL/TLS (BEAST) Mitigations (CVE-2011-3389)
Summary Security Bulletin: IBM System x and Flex Systems Browser Exploit Against SSL/TLS BEAST Mitigations CVE-2011-3389 Vulnerability Details Summary The SSL 3.0 and TLS 1.0 protocols when used with Cipher Block Chaining CBC mode with chained initialization vectors may allow man-in-the-middle...
Command injection
A command injection vulnerability was reported in the Integrated Management Module IMM of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session...
No Patch for High-Severity Bug in Legacy IBM System X Servers
Two legacy IBM System x server models, retired in 2019, are open to attack and will not receive security patches, according to hardware maker Lenovo. However, the company is offering workaround mitigation. The two models, IBM System x 3550 M3 and IBM System x 3650 M3, are both vulnerable to comma...
CVE-2020-8332
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected...
CVE-2019-6159
A stored cross-site scripting XSS vulnerability exists in various firmware versions of the legacy IBM System x IMM IMM v1 embedded Baseboard Management Controller BMC. This vulnerability could allow an unauthenticated user to cause JavaScript code to be stored in the IMM log which may then be...
Cross site scripting
A stored cross-site scripting XSS vulnerability exists in various firmware versions of the legacy IBM System x IMM IMM v1 embedded Baseboard Management Controller BMC. This vulnerability could allow an unauthenticated user to cause JavaScript code to be stored in the IMM log which may then be...
CVE-2019-6159
CVE-2019-6159 affects legacy IBM System x IMM (IMM v1) BMCs where a stored cross-site scripting (XSS) flaw allows an unauthenticated user to store JavaScript in IMM logs, which then executes in a browser when logs are viewed. The vulnerability does not execute on the IMM itself, and IMM v2 is not...
CVE-2019-6159
A stored cross-site scripting XSS vulnerability exists in various firmware versions of the legacy IBM System x IMM IMM v1 embedded Baseboard Management Controller BMC. This vulnerability could allow an unauthenticated user to cause JavaScript code to be stored in the IMM log which may then be...
Stored XSS Vulnerability in legacy IBM System x IMM - Lenovo Support US
No description provided...
CVE-2019-6155
A potential vulnerability was found in an SMI handler in various BIOS versions of certain legacy IBM System x and IBM BladeCenter systems that could lead to denial of service...
CVE-2019-6155
CVE-2019-6155 is a denial-of-service vulnerability in the SMI handler of BIOS firmware on IBM System x and BladeCenter systems. The issue affects legacy IBM System x and BladeCenter models (e.g., BladeCenter HS23E, System x3630 M4, System x3530 M4, System x3650 M4 BD) where a specially crafted re...
CVE-2019-6155
A potential vulnerability was found in an SMI handler in various BIOS versions of certain legacy IBM System x and IBM BladeCenter systems that could lead to denial of service...
SMI Handler Vulnerability in legacy IBM System x and IBM BladeCenter systems - US
Lenovo Security Advisory: LEN-25165 Potential Impact: Denial of service Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6155 Summary Description: During an internal security review, a potential vulnerability was found in an SMI handler in certain legacy IBM System x and...