CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 6 days ago•6 views

SUSE CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

SUSE CVE•added 6 days ago•6 views

SUSE CVE-2026-46177

In the Linux kernel, the following vulnerability has been resolved: ipmi: Add limits to event and receive message requests The driver would just fetch events and receive messages until the BMC said it was done. To avoid issues with BMCs that never say they are done, add a limit of 10 fetches at a...

7.5CVSS5.8AI score0.00068EPSS

Tenable Nessus•added 6 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after t...

5.9AI score0.00032EPSS

RedhatCVE•added last week•3 views

CVE-2026-46177

A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI driver. This vulnerability allows a malfunctioning Baseboard Management Controller BMC to cause the IPMI driver to continuously fetch events and messages, or become stuck if the attention bit remains active. Thi...

7.5CVSS5.8AI score0.00068EPSS

Exploits0References4

OSV•added 2026/05/28 10:16 a.m.•2 views

UBUNTU-CVE-2026-46177

7.5CVSS5.7AI score0.00068EPSS

Exploits0References8

EUVD•added 2026/05/28 9:35 a.m.•5 views

EUVD-2026-32887

CVE•added 2026/05/28 9:35 a.m.•10 views

Exploits0References5

CVE-2026-46128

The CVE covers a Linux kernel IPMI issue where event message buffer data size was only validated later in processing instead of immediately after the response. Some BMCs may return an empty message rather than signaling an error when fetching events. The available connected documents indicate thi...

Positive Technologies•added 2026/05/28 12:0 a.m.•2 views

Exploits0References8

PT-2026-44251

CNNVD•added 2026/05/28 12:0 a.m.•5 views

Exploits0References6

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of restrictions on IPMI events and the reception of message requests. This vulnerability could...

7.5CVSS5.8AI score0.00068EPSS

Exploits0References5

Positive Technologies•added 2026/05/08 12:0 a.m.•6 views

PT-2026-38953

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Tegra platform's Power Management Controller PMC during system suspend resume. The generic handle irq function is called from a non-interrupt context, which is...

6AI score0.00014EPSS

Exploits0References5

Cvelist•added 2026/04/03 3:15 p.m.•18 views

CVE-2026-23467 drm/i915/dmc: Fix an unlikely NULL pointer deference at probe

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

0.00015EPSS

Exploits0References3

RedhatCVE•added 2026/04/02 4:56 p.m.•1 views

CVE-2026-20095

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...

6.5CVSS6.1AI score0.00076EPSS

RedhatCVE•added 2026/04/02 4:56 p.m.•0 views

CVE-2026-20093

A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

9.8CVSS6.2AI score0.00026EPSS

The Hacker News•added 2026/04/02 3:21 p.m.•2 views

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released updates to address a critical security flaw in the Integrated Management Controller IMC that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges. The vulnerability, tracked a...

9.8CVSS6.2AI score0.00249EPSS

Exploits0

EUVD•added 2026/04/01 6:36 p.m.•5 views

EUVD-2026-17953

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary code as the root user. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. A...

6.5CVSS6.2AI score0.00092EPSS

EUVD•added 2026/04/01 6:36 p.m.•1 views

EUVD-2026-17947

9.8CVSS6AI score0.00026EPSS

NVD•added 2026/04/01 5:28 p.m.•3 views

CVE-2026-20096

6.5CVSS0.00076EPSS

NVD•added 2026/04/01 5:28 p.m.•5 views

CVE-2026-20095

6.5CVSS0.00076EPSS

NVD•added 2026/04/01 5:28 p.m.•5 views

CVE-2026-20088

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

4.8CVSS0.00039EPSS