Lucene search
+L

273 matches found

Prion
Prion
added 2023/05/23 2:15 p.m.19 views

Design/Logic Flaw

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

3.6CVSS7.4AI score0.00184EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/05/23 1:20 p.m.69 views

CVE-2023-30440

CVE-2023-30440 affects IBM PowerVM Hypervisor across multiple firmware branches (FW860, FW950, FW1010, FW1020, FW1030). The issue allows a local attacker who controls a partition with an SRIOV VF to cause a denial of service to a peer partition or arbitrary data corruption. Root cause details spe...

7.9CVSS6.9AI score0.00184EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/05/23 1:20 p.m.28 views

CVE-2023-30440 IBM PowerVM Hypervisor denial of service

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

6.7CVSS7.5AI score0.00184EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/23 1:20 p.m.8 views

CVE-2023-30440 IBM PowerVM Hypervisor denial of service

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

6.7CVSS7.4AI score0.00184EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/05/23 12:0 a.m.6 views

IBM PowerVM Hypervisor 输入验证错误漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. provides a secure and scalable virtualized environment for applications built on the advanced RAS features and leading performance of the Power Systems platform. An input validation error vulnerability exists ...

7.9CVSS7.7AI score0.00184EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/23 12:0 a.m.8 views

PT-2023-22694 · Ibm · Ibm Powervm Hypervisor

Name of the Vulnerable Software and Affected Versions: IBM PowerVM Hypervisor versions FW860.00 through FW860.B3 IBM PowerVM Hypervisor versions FW950.00 through FW950.70 IBM PowerVM Hypervisor versions FW1010.00 through FW1010.50 IBM PowerVM Hypervisor versions FW1020.00 through FW1020.30 IBM...

7.9CVSS7.5AI score0.00184EPSS
Exploits0References4
NVD
NVD
added 2023/05/17 1:15 p.m.23 views

CVE-2023-30438

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of...

9.3CVSS8.8AI score0.00236EPSS
Exploits0References2
OSV
OSV
added 2023/05/17 1:15 p.m.5 views

CVE-2023-30438

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of...

8.8CVSS7.6AI score0.00236EPSS
Exploits0References2
Prion
Prion
added 2023/05/17 1:15 p.m.21 views

Design/Logic Flaw

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of...

4.3CVSS8.2AI score0.00236EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/17 12:48 p.m.11 views

CVE-2023-30438 IBM PowerVM gain access

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of...

9.3CVSS6.7AI score0.00236EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/17 12:48 p.m.27 views

CVE-2023-30438 IBM PowerVM gain access

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of...

9.3CVSS8.7AI score0.00236EPSS
Exploits0References2
CVE
CVE
added 2023/05/17 12:48 p.m.67 views

CVE-2023-30438

PowerVM in IBM Power9/Power10 systems contains an internally discovered vulnerability that could allow a privileged user in one logical partition to violate isolation and potentially leak data or execute code in other partitions on the same physical server. Affected component is the PowerVM Hyper...

9.3CVSS8.6AI score0.00236EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/05/17 12:0 a.m.6 views

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS features and leading performance of the Power Systems platform. A security vulnerability exists in IBM...

9.3CVSS8.4AI score0.00236EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.10 views

PT-2023-22692 · Ibm · Powervm

Name of the Vulnerable Software and Affected Versions: PowerVM on IBM Power9 and Power10 systems affected versions not specified Description: An internally discovered issue in PowerVM could allow an attacker with privileged user access to a logical partition to perform an undetected violation of...

9.3CVSS8.4AI score0.00236EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/05 1:19 p.m.21 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. (CVE-2022-45787)

Summary IBM PowerVM Novalink is vulnerable because Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. By sending a specially-crafted request, an attacker could exploit this vulnerability to...

5.5CVSS6.1AI score0.00274EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/05 1:17 p.m.44 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because CXF is vulnerable to server-side request forgery (CVE-2022-46364)

Summary IBM PowerVM Novalink is vulnerable because Apache CXF is vulnerable to server-side request forgery, caused by a flaw in parsing the href attribute of XOP:Include in MTOM requests. By using a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack...

9.8CVSS9.3AI score0.0193EPSS
Exploits6Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.72 views

K61294700: Linux kernel vulnerability CVE-2020-27777

Security Advisory Description A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further...

7.2CVSS6.5AI score0.00501EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/13 5:14 a.m.33 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. (CVE-2022-21628)

Summary IBM PowerVM Novalink is vulnerable because Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. Vulnerability Detail...

5.3CVSS5.5AI score0.02376EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/13 5:14 a.m.33 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable to protobuf-java core and lite are vulnerable to a denial of service. (CVE-2022-3509)

Summary IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty vulnerable to protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for textformat data. By sending non-repeated embedded messages with repeated or...

7.5CVSS6.3AI score0.01048EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/13 5:14 a.m.61 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because Apache Commons IO could allow a remote attacker to traverse directories on the system

Summary IBM PowerVM Novalink is vulnerable because Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker could send a specially-crafted URL request containing "dot dot" sequence...

5.8CVSS6.6AI score0.10608EPSS
Exploits1Affected Software1
Rows per page
Query Builder