37 matches found
EUVD-2013-4629
Malware in sbrugna...
EUVD-2014-2977
Malware in sbrugna...
EUVD-2024-37384
Malicious code in bioql PyPI...
EUVD-2024-49062
Malicious code in bioql PyPI...
CVE-2013-4782
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 aka cipher zero and an arbitrary password...
CVE-2024-38512
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...
CVE-2024-8278
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...
Security Bulletin: Multiple vulnerabilities in XCC affect Cloud Pak System
Summary Multiple Vulnerabilities in XClarity Controller XCC affect IBM Cloud Pak System. XCC is used by Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID:CVE-2024-38510 DESCRIPTION: Lenovo XClarity Controller XCC could allow a remote...
CVE-2024-8278
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...
CVE-2024-8278
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...
CVE-2024-8278
CVE-2024-8278 (XCC) affects Lenovo XClarity Controller (XCC) embedded in IBM Cloud Pak System SR630 OEMSR630. A remote, authenticated attacker with elevated privileges can perform command injection via specially crafted IPMI commands due to an input-validation weakness. Base CVSS v3.1: 7.2 (HIGH)...
CVE-2024-8278
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...
CVE-2024-38512
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...
CVE-2024-38512
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...
CVE-2024-38512
CVE-2024-38512 is a privilege-escalation flaw in Lenovo/IBM XClarity Controller (XCC). An authenticated XCC user with elevated privileges could execute arbitrary commands by sending specially crafted IPMI commands, potentially impacting systems using XCC (e.g., IBM Cloud Pak System). The issue is...
CVE-2024-38512
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands...
Dell iDRAC6 Improper Authentication (CVE-2013-4783)
The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 aka cipher zero and an arbitrary password. NOTE: the vendor disputes the...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 (python-virtualbmc) security update
An update for python-virtualbmc is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
[SECURITY] Fedora 36 Update: python-virtualbmc-3.0.0-1.fc36
A virtual BMC for controlling virtual machines using IPMI commands...
[SECURITY] Fedora 37 Update: python-virtualbmc-3.0.0-1.fc37
A virtual BMC for controlling virtual machines using IPMI commands...