145 matches found
Security Bulletin: This Power System update is being released to address CVE-2022-3435
Summary POWER10: In response to a security issue with ipv4 network connections, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2022-3435. Vulnerability Details CVEID:CVE-2022-3435 DESCRIPTION: Linux Kernel could allow a remote...
SUSE CVE-2012-2395
Incomplete blacklist vulnerability in actionpower.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 username or 2 password fields to the powersystem method in the xmlrpc API...
Security Bulletin: This Power System update is being released to address multiple CVEs for vTPM1.2
Summary This update addresses multiple CVEs that impacts any VM configured with a virtual trusted platform module vTPM version 1.2 Vulnerability Details CVEID:CVE-2018-5407 DESCRIPTION: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive...
Security Bulletin: This Power System update is being released to address CVE-2021-3746
Summary A security problem for CVE-2021-3746 has been resolved which affects any VM configured with a virtual trusted platform module vTPM version 2. Vulnerability Details CVEID:CVE-2021-3746 DESCRIPTION: libtpms is vulnerable to a denial of service, caused by an out-of-bounds access flaw. By...
Security Bulletin: This Power System update is being released to address CVE 2021-45486
Summary A security problem was fixed for the Virtualization Management Interface VMI for vulnerability CVE-2021-45486 that could allow a remote attacker to reveal sensitive information Vulnerability Details CVEID:CVE-2021-45486 DESCRIPTION: Linux Kernel could allow a local attacker to obtain...
Generex UPS Adapter CS141 Command Execution Vulnerability
Generex UPS Adapter CS141 is a UPS Uninterruptible Power System adapter from Generex, a German company.A command execution vulnerability exists in Generex UPS Adapter CS141 versions prior to 2.08, which originates from the web of runupdate in /usr/bin/gxservice -update.sh interface fails to...
Security Bulletin: This Power System update is being released to address CVE 2022-0778
Summary POWER9: In response to a security issue with network connections, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2022-0778. Vulnerability Details CVEID:CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of...
Security Bulletin: Power Systems Firmware affected by vulnerability in OpenSSL (CVE-2016-0797)
Summary Power Systems Firmware affected by vulnerability in OpenSSL CVE-2016-0797 Vulnerability Details CVEID: CVE-2016-0797 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in the BNhex2bn/BNdec2bn function. An attacker could exploit this...
Security Bulletin: This Power System update is being released to address CVE-2019-16649 and CVE-2019-16650
Summary POWER8 and POWER9: In response to security issues with virtual media, new Power System firmware updates are being released to address Common Vulnerabilities and Exposures issue numbers CVE-2019-16649 and CVE-2019-16650. Vulnerability Details CVEID:CVE-2019-16649 DESCRIPTION: Multiple...
Ormazabal ekorCCP 和 ekorRCI 资源管理错误漏洞
Ormazabal is a family of power system management products. A security vulnerability exists in Ormazabal ekorCCP and ekorRCI, no information is available at this time, please stay tuned to CNNVD or the vendor announcement...
Ormazabal ekorCCP 和 ekorRCI 安全漏洞
Ormazabal is a family of power system management products. A security vulnerability exists in Ormazabal ekorCCP and ekorRCI. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor announcement...
Ormazabal 安全漏洞
Ormazabal is a family of power system management products. A security vulnerability exists in Ormazabal. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor announcement...
Ormazabal 安全漏洞
Ormazabal is a family of power system management products. A security vulnerability exists in Ormazabal. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor announcement...
Security Bulletin: An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware.
Summary PowerVM partition firmware is the portion that executes in each partition during boot. On POWER9 systems an attacker that gains service access to the FSP can compromise partition firmware for any partition configured on the system. On all affected systems an attacker that gains admin...
Security Bulletin: Power System Firmware is affected by openssl vulnerabilities(CVE-2013-4353, CVE -2013-6449)
Summary Power System Firmware is affected by openssl vulnerabilities. Vulnerability Details CVE ID: CVE-2013-4353 DESCRIPTION: A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. This iss...
IBM Power System 安全漏洞
The IBM Power System is a Power processor-based server computer from IBM in the United States. A security vulnerability exists in the IBM Power System, which arises from a pre-production kernel package that can be bootstrapped by grub in Secure Boot Mode. These kernel builds do not have the Secur...
IBM Power System 访问控制错误漏洞
The IBM Power System is a Power processor-based server computer from IBM in the United States. A security vulnerability exists in the IBM Power System that originates from the FSP being susceptible to unauthenticated logins via the serial port/TTY interface. The following products and versions ar...
Security Bulletin: This Power System update is being released to address CVE-2020-1968
Summary POWER9: In response to a security issue with FSP's ASMi web GUI connection via OpenSSL a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2020-1968 Vulnerability Details CVEID: CVE-2020-1968 DESCRIPTION: OpenSSL could allo...
Security Bulletin: This Power System update is being released to address CVE 2022-22309
Summary POWER8/POWER9: The POWER systems FSP is vulnerable to unauthenticated logins through the physical serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. In response to this security issue, a new Power System firmware...
Security Bulletin: This Power System update is being released to address CVE 2021-29847
Summary POWER8: In response to a security issue with BMC's configuration, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2019-29847. Vulnerability Details CVEID:CVE-2021-29847 DESCRIPTION: BMC firmware configuration changed to...