"iRMC S5/S6" implemented in PRIMERGY vulnerable to incorrect authorization

Overview Remote Management Controller "iRMC S5/S6" implemented in PRIMERGY provided by Fsas Technologies Inc. contains the following vulnerability. Incorrect authorization CWE-863 - CVE-2025-65002 Fsas Technologies Inc. reported this vulnerability to JPCERT/CC to notify users of its solution...

PT-2025-46684

Name of the Vulnerable Software and Affected Versions Fujitsu iRMC S6 on M5 versions prior to 1.37S Description The software mishandles Redfish/WebUI access when a username with a length of exactly 16 characters is used. The issue affects access through the Redfish API and the WebUI. The vulnerab...

EUVD-2022-43556

Malicious code in bioql PyPI...

EUVD-2024-18080

Malicious code in bioql PyPI...

CVE-2024-21927

Improper input validation in Satellite Management Controller SMC may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service...

CVE-2024-20365

A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This...

CVE-2022-40258

AMI Megarac Weak password hashes for Redfish & API...

AMD GPU Security Vulnerabilities

AMD ID: AMD-SB-6016 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential security vulnerabilities in the Satellite Management Controller SMC in AMD Instinct™ MI300X accelerators were discovered during internal audit/penetration...

Cisco Redfish API Command Injection (cisco-sa-cimc-redfish-cominj-sbkv5ZZ)

According to its self-reported version, the remote Cisco host is affected by a command injection vulnerability. - A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative...

CVE-2024-20365

A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This...

CVE-2024-20365 Cisco Integrated Management Controller Redfish Command Injection Vulnerability

A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This...

CVE-2024-20365

CVE-2024-20365 affects Cisco UCS B-Series, Managed C-Series, and X-Series servers via the Redfish API. The issue arises from insufficient input validation in the Redfish API, allowing an authenticated user with administrative privileges to inject commands and elevate to root on the affected devic...

CVE-2024-20365 Cisco Integrated Management Controller Redfish Command Injection Vulnerability

A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This...

AMI MegaRAC SP-X BMC Redfish Vulnerabilities - Lenovo Support US

No description provided...

PT-2022-5773 · Ami · Megarac

Name of the Vulnerable Software and Affected Versions: MegaRAC affected versions not specified Description: The issue is related to errors in code generation in the AMI MegaRAC Redfish API interface, which can be exploited by a remote attacker to execute arbitrary code by sending a specially...