Lucene search
K

1792 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:49 a.m.11 views

CVE-2023-37296

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

8.8CVSS7AI score0.00259EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:41 a.m.8 views

CVE-2023-39538

AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

7.8CVSS6.9AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:40 a.m.14 views

CVE-2023-39539

AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

7.8CVSS6.8AI score0.00623EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:11 a.m.13 views

CVE-2023-39535

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability...

7.8CVSS6.7AI score0.00206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:11 a.m.7 views

CVE-2023-39536

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability...

7.8CVSS6.7AI score0.00206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.7 views

CVE-2023-28863

AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity...

9.1CVSS7AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:23 a.m.6 views

CVE-2023-34344

AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead to information disclosure...

5.3CVSS6.4AI score0.0045EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:7 a.m.10 views

CVE-2022-43779

A potential Time-of-Check to Time-of-Use TOCTOU vulnerability has been identified in certain HP PC products using AMI UEFI Firmware system BIOS which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerabili...

7CVSS7.3AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:57 p.m.6 views

CVE-2022-29974

AMI aka American Megatrends NTFS driver 1.0.0 fixed in late 2021 or early 2022 has a buffer overflow. This driver is, for example, used in certain ASUS devices...

4.3CVSS7.2AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 p.m.7 views

CVE-2020-11489

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure...

7.5CVSS6.7AI score0.01316EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:46 p.m.13 views

CVE-2020-10666

The restapps aka Rest Phone apps module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command...

9.8CVSS7.9AI score0.02237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:37 p.m.7 views

CVE-2020-5812

Nessus AMI versions 8.12.0 and earlier were found to either not validate, or incorrectly validate, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle MITM attack...

5.9CVSS6.9AI score0.00515EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.15 views

Amazon Linux AMI : kernel (ALAS-2025-1977)

The version of kernel installed on the remote host is prior to 4.14.355-196.643. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1977 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fai...

7.8CVSS6.5AI score0.00281EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/04/22 12:0 a.m.14 views

Amazon Linux AMI : golang (ALAS-2025-1971)

The version of golang installed on the remote host is prior to 1.23.7-1.50. It is, therefore, affected by a vulnerability as referenced in the ALAS-2025-1971 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a...

7.5CVSS7.1AI score0.01403EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/19 12:0 a.m.13 views

Amazon Linux AMI : emacs (ALAS-2025-1964)

The version of emacs installed on the remote host is prior to 24.3-20.26. It is, therefore, affected by a vulnerability as referenced in the ALAS-2025-1964 advisory. A flaw was found in the Emacs text editor. Improper handling of custom man URI schemes allows attackers to execute arbitrary shell...

8.8CVSS8.1AI score0.0256EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/19 12:0 a.m.35 views

Amazon Linux AMI : kernel (ALAS-2025-1966)

The version of kernel installed on the remote host is prior to 4.14.355-195.603. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1966 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount...

7.8CVSS6.6AI score0.00277EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2025/03/18 1:31 p.m.34 views

New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking

A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller BMC software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085 , carries a CVSS v4 score of 10.0,...

10CVSS8.7AI score0.61202EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/13 4:40 p.m.13 views

CVE-2024-54085

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

10CVSS7AI score0.61202EPSS
Exploits0References3
Circl
Circl
added 2025/03/11 2:33 p.m.11 views

CVE-2024-54085

creationtimestamp| type| source ---|---|--- 2025-03-11 14:33:49+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114144289034101069 2025-03-11 14:40:25+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lk4ccu6lze2v 2025-03-18 12:31:00+00:00| seen|...

10CVSS6.9AI score0.61202EPSS
Exploits0References100
NVD
NVD
added 2025/03/11 2:15 p.m.12 views

CVE-2024-54085

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

10CVSS0.61202EPSS
Exploits0References8
Rows per page
Query Builder