16 matches found
EUVD-2018-7637
Malware in sbrugna...
EUVD-2024-19533
Malicious code in bioql PyPI...
CVE-2024-21935
Improper input validation in Satellite Management Controller SMC may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially resulting in data corruption...
CVE-2024-21935
Improper input validation in Satellite Management Controller SMC may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially resulting in data corruption...
CVE-2024-21927
Improper input validation in Satellite Management Controller SMC may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service...
CVE-2024-21935
Improper input validation in Satellite Management Controller SMC may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially resulting in data corruption...
AMD Instinct MI300X accelerators security vulnerability
AMD Instinct MI300X accelerators is a data center-grade GPU accelerator card from AMD. A security vulnerability exists in AMD Instinct MI300X accelerators that stems from improper input validation and could allow a privileged attacker to delete local root directory files...
Siemens SIMATIC IPC RS-828A
SUMMARY: SIMATIC IPC RS-828A is affected by an authentication bypass vulnerability in the Redfish interface of its Baseboard Management Controller (BMC) that could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire...
EUVD-2024-54252
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...
PT-2024-8975 · Cisco · Managed C-Series +2
Name of the Vulnerable Software and Affected Versions: Cisco UCS B-Series, Managed C-Series, and X-Series Servers (affected versions not specified). Description: The issue is related to insufficient input validation in the Redfish API, allowing an authenticated, remote attacker with administrative...
Security Bulletin: This Power System update is being released to address CVE-2024-31916
Summary: This affects the BMC's HTTPS-based Redfish interface. Note the BMC's web-based ASMI interface uses the Redfish interface. Vulnerability Details: CVEID: CVE-2024-31916. DESCRIPTION: IBM OpenBMC's BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that...
Dell iDRAC7 Incorrect Authorization (CVE-2018-15774)
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in th...
AMI MegaRAC security vulnerability
AMI MegaRAC is a family of service processor products from AMI. It provides complete out-of-band or lights-out remote management of computer systems, independent of operating system state or location, to troubleshoot computers and ensure service continuity. A security vulnerability exists in AMI MegaRA...
CVE-2018-15774
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in th...
CVE-2018-15774 iDRAC7/iDRAC8/iDRAC9 - Privilege Escalation Vulnerability
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in th...
CVE-2018-15774
Dell EMC iDRAC7/iDRAC8 firmware versions before 2.61.60.60 and iDRAC9 versions before 3.20.21.20, 3.21.24.22, 3.21.26.22, or 3.23.23.23 are affected by privilege escalation (CVE-2018-15774) due to a Redfish permissions-check flaw that could allow an authenticated operator to gain administrator ac...