
6613 matches found

0day.today
added 2024/10/30 12:0 a.m. · 169 views

ABB Cylon Aspect 3.08.01 jsonProxy.php Username Enumeration Vulnerability

ABB Cylon Aspect version 3.08.01 is vulnerable to username enumeration in the jsonProxy.php endpoint. An unauthenticated attacker can interact with the UserManager servlet to enumerate valid usernames on the system. Since jsonProxy.php proxies requests to internal services without requiring...

7.5 AI score
Exploits: 0
BDU FSTEC
added 2024/10/30 12:0 a.m. · 2 views

The vulnerability of the software for managing and monitoring hardware resources of the IBM Flexible Service Processor (FSP) in IBM Power System software allows a hacker to gain access to the FSP services.

The vulnerability of the software for managing and monitoring hardware resources of the IBM Flexible Service Processor FSP in IBM Power System software is related to the use of pre-installed account data. Exploiting this vulnerability can allow a malicious actor to gain access to FSP services...

10 CVSS · 5.4 AI score · 0.00154 EPSS
Exploits: 0 · References: 2 · Affected Software: 23
OSV
added 2024/10/29 1:15 a.m. · 2 views

CVE-2024-45656

IBM Flexible Service Processor FSP FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP...

9.8 CVSS · 5.8 AI score
Exploits: 0 · References: 1
Vulnrichment
added 2024/10/29 12:37 a.m. · 16 views

CVE-2024-45656 IBM Flexible Service Processor hard coded credentials

IBM Flexible Service Processor FSP FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP...

9.8 CVSS · 7.2 AI score · 0.00154 EPSS
Exploits: 0 · References: 1
Cvelist
added 2024/10/29 12:37 a.m. · 15 views

CVE-2024-45656 IBM Flexible Service Processor hard coded credentials

IBM Flexible Service Processor FSP FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP...

9.8 CVSS · 0.00154 EPSS
Exploits: 0 · References: 1
CNNVD
added 2024/10/29 12:0 a.m. · 3 views

IBM Flexible Service Processor Trust Management Issue Vulnerability

The IBM Flexible Service Processor IBM FSP is a series of flexible service processors from International Business Machines IBM. IBM Flexible Service Processor is vulnerable to a trust management issue vulnerability that stems from having static credentials that could allow a network user to gain...

9.8 CVSS · 6.8 AI score · 0.00154 EPSS
Exploits: 0 · References: 1
Packet Storm
added 2024/10/29 12:0 a.m. · 216 views

ABB Cylon Aspect 3.08.01 Active Debug Data Exposure

ABB Cylon Aspect 3.08.01 auth/ Active Debug Code Vulnerability Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: 3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

7.4 AI score
Exploits: 0
BDU FSTEC
added 2024/10/29 12:0 a.m. · 1 views

The vulnerability of the Software Guard eXtensions (SGX) processor implementation allows a hacker to disclose protected information.

The vulnerability of the Software Guard eXtensions SGX processor implementation is related to the checking of incorrect conditions. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.3 CVSS · 5.4 AI score · 0.00046 EPSS
Exploits: 0 · References: 4
Packet Storm
added 2024/10/28 12:0 a.m. · 218 views

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building...

7.4 AI score
Exploits: 0
SUSE CVE
added 2024/10/26 3:2 a.m. · 2 views

SUSE CVE-2024-49926

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb For kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids is defined as NR_CPUS instead of the number of possible cpus, this will cause the following syst...

5.5 CVSS · 7.7 AI score · 0.00018 EPSS
Exploits: 0 · References: 5
Positive Technologies
added 2024/10/25 12:0 a.m. · 3 views

PT-2024-7403 · Ibm · Ibm Flexible Service Processor

Name of the Vulnerable Software and Affected Versions: IBM Flexible Service Processor FSP versions FW860.00 through FW860.B3 IBM Flexible Service Processor FSP versions FW950.00 through FW950.C0 IBM Flexible Service Processor FSP versions FW1030.00 through FW1030.61 IBM Flexible Service Processor...

9.8 CVSS · 7.3 AI score · 0.00154 EPSS
Exploits: 0 · References: 11
Packet Storm
added 2024/10/24 12:0 a.m. · 348 views

ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure

ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: 3.08.02 Summary: ASPECT is an award-winning scalable building energy...

7.4 AI score
Exploits: 0
Vulnrichment
added 2024/10/23 12:0 a.m. · 15 views

CVE-2024-50383

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...

6.9 AI score · 0.00173 EPSS
Exploits: 1 · References: 4
Packet Storm
added 2024/10/23 12:0 a.m. · 365 views

ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure

ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4 AI score
Exploits: 0
SUSE CVE
added 2024/10/22 2:50 a.m. · 1 views

SUSE CVE-2024-50017

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

5.5 CVSS · 6.4 AI score · 0.00027 EPSS
Exploits: 0 · References: 20
0day.today
added 2024/10/22 12:0 a.m. · 240 views

ABB Cylon Aspect 3.08.01 networkDiagAjax.php Remote Network Utility Execution Vulnerability

ABB Cylon Aspect version 3.08.01 allows an unauthenticated attacker to perform network operations such as ping, traceroute, or nslookup on arbitrary hosts or IPs by sending a crafted GET request to networkDiagAjax.php. This could be exploited to interact with or probe internal or external systems...

7.2 AI score
Exploits: 0
NVD
added 2024/10/21 7:15 p.m. · 9 views

CVE-2024-50017

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

5.5 CVSS · 0.00027 EPSS
Exploits: 0 · References: 4
OSV
added 2024/10/21 7:15 p.m. · 0 views

UBUNTU-CVE-2024-50017

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

5.5 CVSS · 6.2 AI score · 0.00027 EPSS
Exploits: 0 · References: 21
Cvelist
added 2024/10/21 6:54 p.m. · 16 views

CVE-2024-50017 x86/mm/ident_map: Use gbpages only where full GB page should be mapped.

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

0.00027 EPSS
Exploits: 0 · References: 4
OSV
added 2024/10/21 6:54 p.m. · 14 views

CVE-2024-50017 x86/mm/ident_map: Use gbpages only where full GB page should be mapped.

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

5.5 CVSS · 6.1 AI score · 0.00027 EPSS
Exploits: 0 · References: 7