CVE-2026-46128

The CVE-2026-46128 issue concerns the Linux kernel IPMI event message handling. The root cause is an insufficiently validated event message buffer/data size occurring when fetching events, with some BMCs returning an empty message instead of an error. This leads to a potential failure in processi...

CVE-2026-23322

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix use-after-free and list corruption on sender error The analysis from Breno: When the SMI sender returns an error, smiwork delivers an error response but then jumps back to restart without cleaning up properly: 1...

EUVD-2026-14899

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system...

EUVD-2013-3543

Malware in sbrugna...

EUVD-2013-3554

Malware in sbrugna...

EUVD-2012-4029

Malware in sbrugna...

[SECURITY] Fedora 41 Update: OpenIPMI-2.0.36-1.fc41

The Open IPMI project aims to develop an open code base to allow access to platform information using Intelligent Platform Management Interface IPMI. This package contains the tools of the OpenIPMI project...

Lenovo SMM/SMM2/FPC 安全漏洞

Lenovo SMM/SMM2/FPC is an application from Lenovo China. A security vulnerability exists in Lenovo SMM/SMM2/FPC that stems from a command injection vulnerability. An attacker can use this vulnerability to execute unauthorized commands via IPMI...

Design/Logic Flaw

The configuration functionality in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary commands...

The vulnerability in the web interface of BMC IPMI Supermicro X11 servers relates to the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the web interface of BMC IPMI Supermicro X11 series servers exists due to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability in the web interface of BMC IPMI Supermicro X11 servers exists due to the lack of protective measures for the web page structure. This allows attackers to execute XSS attacks.

The vulnerability in the web interface of BMC IPMI Supermicro X11 series servers exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using specially crafted GET requests...

CVE-2023-34335

AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections. An exploitation of this vulnerability may lead to a loss of integrity or denial of service...

CVE-2022-42271

NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution...

PT-2021-7645 · Openbmc · Openbmc

Name of the Vulnerable Software and Affected Versions: OpenBMC version 2.9 Description: The issue is related to the netipmid interface IPMI lan+ in the OpenBMC embedded operating system, which is associated with errors during the authentication procedure. An attacker can exploit this issue by...

Dell OpenManage Enterprise 操作系统命令注入漏洞

Dell OpenManage Enterprise is an easy-to-use, one-to-many systems management console for IT infrastructure management from Dell, Inc. The software supports cost-effective, comprehensive lifecycle management of Dell EMC PowerEdge servers from a single console. An operating system command injection...

Important: Red Hat Security Advisory: ipmitool security update

An update for ipmitool is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Important: Red Hat Security Advisory: ipmitool security update

An update for ipmitool is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...

Important: Red Hat Security Advisory: ipmitool security update

An update for ipmitool is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...

Important: Red Hat Security Advisory: ipmitool security update

An update for ipmitool is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

RHEL 6 : ipmitool (RHSA-2020:1331)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1331 advisory. The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface IPMI...