211 matches found
CVE-2022-29494
Improper input validation in firmware for OpenBMC in some IntelR platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access...
CVE-2022-22488
IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337...
CVE-2021-39296
In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system...
CVE-2020-14156
userchannel/passwdmgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions...
Security Bulletin: This Power System update is being released to address CVE 2022-2809
Summary POWER10: In response to a security issue with the BMC HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2022-2809. Vulnerability Details CVEID:CVE-2022-2809 DESCRIPTION: In IBM OPENBMC, when using using a...
Security Bulletin: This Power System update is being released to address CVE 2021-29891
Summary POWER9: In response to a security issue with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2021-29891. Vulnerability Details CVEID:CVE-2021-29891 DESCRIPTION: IBM OPENBMC could allow a privileged...
CVE-2025-20097
Uncaught exception in OpenBMC Firmware for the IntelR Server M50FCP Family and IntelR Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial of service via network access...
CVE-2025-20097
Uncaught exception in OpenBMC Firmware for the IntelR Server M50FCP Family and IntelR Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial of service via network access...
CVE-2025-20097
Uncaught exception in OpenBMC Firmware for the IntelR Server M50FCP Family and IntelR Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial of service via network access...
CVE-2025-20097
Uncaught exception in OpenBMC Firmware for the IntelR Server M50FCP Family and IntelR Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial of service via network access...
CVE-2025-20097
CVE-2025-20097 : Uncaught exception in OpenBMC Firmware for IntelĀ® Server M50FCP Family and IntelĀ® Server D50DNP Family (pre-release R01.02.0002) may allow an authenticated user to cause a network-enabled denial of service. Affected product scope is limited to these OpenBMC implementations; the r...
CVE-2022-35729
Out of bounds read in firmware for OpenBMC in some IntelR platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access...
CVE-2024-31916
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026...
CVE-2024-35124
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674...
SUSE CVE-2023-52916
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...
CVE-2023-52916
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...
CVE-2023-52916
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...
UBUNTU-CVE-2023-52916
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...
CVE-2023-52916 media: aspeed: Fix memory overwrite if timing is 1600x900
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...
CVE-2023-52916 media: aspeed: Fix memory overwrite if timing is 1600x900
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...