CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/01/09 9:26 a.m.•5 views

CVE-2023-4608

An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command. This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected...

7.2CVSS7.8AI score0.00095EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-37384

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00504EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-49064

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.0041EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-49063

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00438EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-49062

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00438EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 9:4 a.m.•1 views

CVE-2024-38512

A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...

7.2CVSS7.6AI score0.00504EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 8:55 a.m.•3 views

CVE-2024-38509

A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to execute arbitrary code via a specially crafted IPMI command...

7.2CVSS7.9AI score0.00392EPSS

Exploits0

RedhatCVE•added 2025/02/04 10:36 p.m.•2 views

CVE-2024-8278

A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...

7.2CVSS7.5AI score0.00438EPSS

Exploits0References1

RedhatCVE•added 2025/02/04 10:31 p.m.•2 views

CVE-2024-8279

A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads...

7.2CVSS7.5AI score0.00438EPSS

Exploits0References1

Positive Technologies•added 2023/10/24 12:0 a.m.•3 views

PT-2023-29822 · Xcc · Xcc

Name of the Vulnerable Software and Affected Versions: XCC affected versions not specified Description: The issue allows an authenticated XCC user to change permissions for any user through a crafted API command. Recommendations: At the moment, there is no information about a newer version that...

8.8CVSS8.4AI score0.00125EPSS

Exploits0References3

Positive Technologies•added 2023/10/24 12:0 a.m.•2 views

PT-2023-29817 · Lenovo · Thinksystem

Name of the Vulnerable Software and Affected Versions: ThinkSystem versions v2 and v3 Description: An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command. This issue affects ThinkSystem servers with XCC. Recommendations: For...

8.1CVSS7.9AI score0.00117EPSS

Exploits0References3

Positive Technologies•added 2023/05/01 12:0 a.m.•2 views

PT-2023-20111 · Xcc · Xcc

Name of the Vulnerable Software and Affected Versions: XCC affected versions not specified Description: A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interfa...

8.8CVSS8.5AI score0.00526EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by