232 matches found
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM that run on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i that stems from a local elevation of privilege vulnerability in Management Central. An attacker could exploit the vulnerabilit...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM that run on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i that stems from a local elevation of privilege vulnerability in Management Central. An attacker could exploit the vulnerabilit...
power-systems-gmbh.de Improper Access Control vulnerability OBB-3767708
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM that run on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i version 7.2, 7.3, and 7.4, which stems from the presence of a local elevation of privilege vulnerability. An attacker could...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. IBM i has a security vulnerability that stems from the inclusion of a local elevation of privilege vulnerability. A malicious actor accessing the host operating system...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could elevate privileges to gain root access to the...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could use elevated privileges to access the command...
IBM i 安全漏洞
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5, which can be exploited by an attacker to elevate privileges and gain root access to the host...
IBM i 代码注入漏洞
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A code injection vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5 that stems from exploiting the DDM architecture and allows remote attackers to execute CL...
sos bug fix and enhancement update
An update is available for sos. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sos package contains a set of utilities that gather information from system...
PowerPanel Business 安全漏洞
Cyber Power Systems CyberPower PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distributi...
lib60870 安全漏洞
lib60870 is a C language library based on the IEC60870-5 protocol. The library provides support for CompanionStandard 101 CS101 and 104 CS104 of the IEC family of standards for remote control applications IEC60870-5 and is commonly used in power systems for communication between central station...
powerpc-utils bug fix and enhancement update
An update is available for powerpc-utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The powerpc-utils packages provide various utilities for IBM Power...
Security Bulletin: Power Systems Firmware affected by vulnerability in OpenSSL (CVE-2016-0797)
Summary Power Systems Firmware affected by vulnerability in OpenSSL CVE-2016-0797 Vulnerability Details CVEID: CVE-2016-0797 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in the BNhex2bn/BNdec2bn function. An attacker could exploit this...
CVE-2022-22309
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095...
CVE-2022-22309
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095...
Design/Logic Flaw
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095...
CVE-2022-22309
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095...
CVE-2022-22309
Summary: CVE-2022-22309 affects IBM POWER systems, where the firmware service processor (FSP) is vulnerable to unauthenticated logins via the physical serial port/TTY interface. Root cause/impact: Unauthenticated access could allow login through the serial interface, with CVSS v3.1/3.0 vectors in...
IBM i SQL注入漏洞
IBM i is a set of operating systems from IBM running in IBM Power Systems and IBM PureSystems. IBM i versions 7.3, 7.4 and 7.5 have a SQL injection vulnerability, which stems from the application's lack of validation of external input SQL statements and can be used by attackers to execute illegal...