Lucene search
K

935 matches found

RedhatCVE
RedhatCVE
added 2026/03/25 3:27 p.m.4 views

CVE-2026-23323

A flaw was found in the Linux kernel's macsmc-hwmon driver, which is responsible for managing hardware monitoring on Apple Silicon systems. Incorrect sensor population logic could lead to out-of-bounds memory access or data corruption. Additionally, a flaw in the float conversion routines could...

5.8AI score0.00134EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2026/03/02 12:0 a.m.152 views

📄 Honeywell Trend IQ4xx BMS Controller Unauthenticated Remote Web-HMI Control / Lockout

The Honeywell IQ4 Trend IQ4 exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System User level 100 context, granting read/write privileges to any party able to...

5.9AI score
Exploits0
OSV
OSV
added 2026/02/27 9:30 a.m.3 views

GHSA-HFCP-477W-3WJW rubyipmi is vulnerable to OS Command Injection through malicious usernames

A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller BMC component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote...

8.3CVSS6.5AI score0.00771EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2026/02/27 9:30 a.m.10 views

rubyipmi is vulnerable to OS Command Injection through malicious usernames

A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller BMC component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote...

8.8CVSS6.5AI score0.00771EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2026/02/27 8:17 a.m.10 views

CVE-2026-0980

A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller BMC component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote...

8.8CVSS0.00771EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.9 views

PT-2026-22312

Name of the Vulnerable Software and Affected Versions rubyipmi affected versions not specified Description A flaw exists in rubyipmi, a gem used in the Baseboard Management Controller BMC component of Red Hat Satellite. An authenticated attacker possessing host creation or update permissions can...

8.3CVSS6.8AI score0.00771EPSS
Exploits0References13
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/01/23 2:29 a.m.9 views

"iRMC S5/S6" implemented in PRIMERGY vulnerable to incorrect authorization

Overview Remote Management Controller "iRMC S5/S6" implemented in PRIMERGY provided by Fsas Technologies Inc. contains the following vulnerability. Incorrect authorization CWE-863 - CVE-2025-65002 Fsas Technologies Inc. reported this vulnerability to JPCERT/CC to notify users of its solution...

7.5CVSS5.6AI score0.0026EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/17 9:15 a.m.4 views

CVE-2025-12007

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...

8.4CVSS6.9AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 9:15 a.m.17 views

CVE-2025-12006

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image...

7.2CVSS0.00277EPSS
Exploits0References1
CVE
CVE
added 2026/01/16 8:39 a.m.19 views

CVE-2025-12007

CVE-2025-12007 affects Supermicro BMC firmware validation logic on the MBD-X13SEM-F board. The vulnerability enables an attacker to update system firmware using a specially crafted image due to flawed BMC firmware verification. Impact is aligned with a high-severity CVSS vector (local, low comple...

8.4CVSS6.5AI score0.0012EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/16 8:39 a.m.4 views

CVE-2025-12007 Supermicro BMC firmware update validation bypass

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...

6.5AI score0.0012EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

SuperMicro MBD-X12STW security vulnerabilities

The SuperMicro MBD-X12STW is a server motherboard produced by the American company SuperMicro. The MBD-X12STW has a security vulnerability, which stems from issues with the BMC firmware verification logic. This vulnerability could allow attackers to use customized image updates to update the syst...

7.2CVSS5.8AI score0.00277EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:17 a.m.5 views

CVE-2021-0147

Improper locking in the Power Management Controller PMC for some Intel Chipset firmware before versions pmcfwlbgc1-21ww02a and pmcfwlbgb0-21ww02a may allow a privileged user to potentially enable denial of service via local access...

4.4CVSS6.3AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:12 a.m.4 views

CVE-2019-11175

Insufficient input validation in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access...

7.5CVSS6.9AI score0.01059EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.3 views

CVE-2019-11168

Insufficient session validation in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access...

9.1CVSS6.9AI score0.01255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.6 views

CVE-2019-11177

Unhandled exception in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access...

7.8CVSS6.9AI score0.0111EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.7 views

CVE-2019-11178

Stack overflow in IntelR Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access...

8.1CVSS6.9AI score0.01027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.6 views

CVE-2019-11170

Authentication bypass in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access...

7.8CVSS7.3AI score0.00404EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.4 views

CVE-2023-31015

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, code execution, and denial of service...

7.8CVSS7.2AI score0.0018EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/12/31 12:25 a.m.9 views

SUSE CVE-2023-54320

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...

4.7CVSS6.5AI score0.00159EPSS
Exploits0References5
Rows per page
Query Builder