145 matches found
CVE-2023-32659
SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications...
Security Bulletin: This Power System update is being released to address CVE-2024-41007
Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2024-41007, by upgrading PowerVM and thus addressing the exposure ...
Schweitzer Engineering Laboratories多款产品 安全漏洞
Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software and more are products of Schweitzer Engineering Laboratories, Inc. of the U.S.A. Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software is a graphical, easy-to-use tool that helps users quickly and easily...
Security Bulletin: This Power System update is being released to address CVE-2023-52340
Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2023-52340, by upgrading PowerVM and thus addressing the exposure ...
Security Bulletin: This Power System update is being released to address CVE-2025-0986
Summary A Linux partition in Power10 processor compatibility mode can cause undetected data loss or error when performing gzip compression using hardware acceleration during a specific hardware state window. Vulnerability Details CVEID:CVE-2025-0986 DESCRIPTION: IBM PowerVM could allow a local...
Security Bulletin: This Power System update is being released to address CVE 2022-2809
Summary POWER10: In response to a security issue with the BMC HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2022-2809. Vulnerability Details CVEID:CVE-2022-2809 DESCRIPTION: In IBM OPENBMC, when using using a...
Security Bulletin: This Power System update is being released to address CVE 2022-22488
Summary POWER9: In response to a security issue with the BMC web server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2022-22488. Vulnerability Details CVEID:CVE-2022-22488 DESCRIPTION: IBM BMC could allow a privileged user ...
Security Bulletin: This Power System update is being released to address CVE 2022-34331
Summary A security problem for CVE-2022-34331 was addressed where switches configured to monitor network traffic for malicious activity are not effective because of errant adapter configuration changes. The misconfigured adapter can cause network traffic to flow directly between the VFs and not o...
Security Bulletin: This Power System update is being released to address CVE 2021-29891
Summary POWER9: In response to a security issue with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2021-29891. Vulnerability Details CVEID:CVE-2021-29891 DESCRIPTION: IBM OPENBMC could allow a privileged...
Security Bulletin: This Power System update is being released to address CVE-2024-41781
Summary An attacker that gains service access to the HMC can locate and through a series of service procedures decrypt data contained in the Platform KeyStore Vulnerability Details CVEID:CVE-2024-41781 DESCRIPTION: IBM PowerVM Platform KeyStore functionality can be compromised if an attacker gain...
Security Bulletin: This Power System update is being released to address CVE-2024-45656
Summary IBM Flexible Service Processor FSP has static credentials which may allow network users to gain service privileges to the FSP. Vulnerability Details CVEID:CVE-2024-45656 DESCRIPTION: IBM Flexible Service Processor FSP has static credentials which may allow network users to gain service...
Security Bulletin: This Power System update is being released to address CVE-2024-26665
Summary When the BMC is configured to use IPv6, it is vulnerable to an attacker per CVE-2024-26665. Vulnerability Details CVEID:CVE-2024-26665 DESCRIPTION: Linux Kernel is vulnerable to a denial of service caused by out-of-bounds access when building IPv6 PMTU. By sending a specially crafted...
Security Bulletin: This Power System update is being released to address CVE-2023-52881
Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2023-52881, by upgrading PowerVM and thus addressing the exposure ...
Security Bulletin: This Power System update is being released to address CVE-2022-0480 and CVE-2023-6531
Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console and by the Runtime Processor Diagnostics in PowerVM. This bulletin provides a remediation for the impacted vulnerabilities, CVE-2022-0480 an...
Altenergy Power System Control Software 注入漏洞
Altenergy Power System Control Software is microinverter control software from Altenergy Power System. An injection vulnerability exists in Altenergy Power System Control Software version 20241108 and prior versions, which stems from an SQL injection in parameter date...
Altenergy Power System Control Software 注入漏洞
Altenergy Power System Control Software is microinverter control software from Altenergy Power System. An injection vulnerability exists in Altenergy Power Control Software 20241108 and prior versions that stems from an improper authorization issue in the file /index.php/display/database/...
The vulnerability of the software for managing and monitoring hardware resources of the IBM Flexible Service Processor (FSP) in IBM Power System software allows a hacker to gain access to the FSP services.
The vulnerability of the software for managing and monitoring hardware resources of the IBM Flexible Service Processor FSP in IBM Power System software is related to the use of pre-installed account data. Exploiting this vulnerability can allow a malicious actor to gain access to FSP services...
Security Bulletin: This Power System update is being released to address CVE-2023-1206
Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2023-1206, by upgrading PowerVM and thus addressing the exposure t...
Security Bulletin: This Power System update is being released to address CVE-2024-41660
Summary The BMC's service location protocol SLP service is vulnerable to an attacker who has network access to the BMC causing a buffer overflow which could lead to arbitrary code execution on the BMC. Vulnerability Details CVEID:CVE-2024-41660 DESCRIPTION: OpenBMC slpd-lite is vulnerable to a...
Security Bulletin: This Power System update is being released to address CVE-2024-35124
Summary The BMC is vulnerable during the time it is connected to the network and does not yet have its "admin" account password set. Vulnerability Details CVEID:CVE-2024-35124 DESCRIPTION: During OpenBMC new installation, an attacker with network access gain administrative access even if the...