1792 matches found
CVE-2024-54085
AMI MegaRAC SPx BMC contains an authentication bypass via the Redfish Host Interface that allows remote attackers to bypass authentication. This affects SPx products, with CVSS data indicating CRITICAL impact (NVD CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base 9.8) and (CVSS 4.0: AV:N/AC:L/A...
PT-2025-10756
Name of the Vulnerable Software and Affected Versions AMI MegaRAC SPx versions prior to 2024-08-27 ASUS PRO WS W790E-SAGE SE version prior to 1.1.57 ASUS PRO WS W680M-ACE SE version prior to 1.1.21 ASUS PRO WS WRX90E-SAGE SE version prior to 2.1.28 ASUS Pro WS WRX80E-SAGE SE WIFI version prior to...
AMI MegaRAC 安全漏洞
AMI MegaRAC is a family of service processor products from AMI, Inc. Complete out-of-band or unlit remote management of computer systems independent of operating system state or location is available to troubleshoot computers and ensure service continuity. A security vulnerability exists in AMI...
Amazon Linux AMI : kernel (ALAS-2025-1961)
The version of kernel installed on the remote host is prior to 4.14.355-194.598. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1961 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun...
Amazon Linux AMI : kernel (ALAS-2025-1963)
The version of kernel installed on the remote host is prior to 4.14.352-190.569. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1963 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in...
Amazon Linux AMI : kernel (ALAS-2025-1962)
The version of kernel installed on the remote host is prior to 4.14.353-190.569. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1962 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipcudpaddr2st...
Amazon Linux AMI : kernel (ALAS-2025-1960)
The version of kernel installed on the remote host is prior to 4.14.355-195.591. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1960 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of STR method...
CVE-2022-40258
AMI Megarac Weak password hashes for Redfish & API...
CVE-2024-33659
AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Successful exploitation of these vulnerabilities may lead to overwriting arbitrary memory and execute arbitrary code at SMM level, also impacting Confidentiality, Integrity, a...
CVE-2024-33659
AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Successful exploitation of these vulnerabilities may lead to overwriting arbitrary memory and execute arbitrary code at SMM level, also impacting Confidentiality, Integrity, a...
CVE-2024-33659
The CVE-2024-33659 entry concerns AMI AptioV BIOS with an Improper Input Validation flaw that allows a local attacker to overwrite memory and execute arbitrary code at the System Management Mode (SMM) level, impacting confidentiality, integrity, and availability. Documents consistently identify t...
AMI AptioV 安全漏洞
AMI AptioV is a firmware-related editor from AMI USA. A security vulnerability exists in AMI AptioV that stems from the inclusion of a BIOS vulnerability that can be exploited by an attacker to cause incorrect input validation by a local attacker...
CVE-2022-2827
AMI MegaRAC User Enumeration Vulnerability...
CVE-2022-26872
AMI Megarac Password reset interception via API...
Amazon Linux AMI : kernel (ALAS-2025-1957)
The version of kernel installed on the remote host is prior to 4.14.355-195.582. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1957 advisory. In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in...
Amazon Linux AMI : rsync (ALAS-2025-1954)
The version of rsync installed on the remote host is prior to 3.0.6-12.15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1954 advisory. Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE...
Amazon Linux AMI : expat (ALAS-2025-1953)
The version of expat installed on the remote host is prior to 2.1.0-15.35. It is, therefore, affected by a vulnerability as referenced in the ALAS-2025-1953 advisory. An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490...
CVE-2022-29974
AMI aka American Megatrends NTFS driver 1.0.0 fixed in late 2021 or early 2022 has a buffer overflow. This driver is, for example, used in certain ASUS devices...
CVE-2022-29974
AMI NTFS driver 1.0.0 contains a buffer overflow vulnerability. The driver is used in certain ASUS devices. The issue was fixed by AMI in late 2021 or early 2022; downstream products may not reflect the fix yet. Red Hat records the same description. Practical impact is a potential overflow in the...
CVE-2022-29974
AMI aka American Megatrends NTFS driver 1.0.0 fixed in late 2021 or early 2022 has a buffer overflow. This driver is, for example, used in certain ASUS devices...