47 matches found
EUVD-2021-13516
Malware in sbrugna...
EUVD-2021-13518
Malware in sbrugna...
EUVD-2021-12045
Malware in sbrugna...
EUVD-2021-12037
Malware in sbrugna...
EUVD-2021-12044
Malware in sbrugna...
EUVD-2021-31581
Malicious code in bioql PyPI...
CVE-2021-25134
The Baseboard Management ControllerBMC in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spxrestservice setremoteimageinfofunc...
CVE-2021-25130
The Baseboard Management ControllerBMC in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spxrestservice setactdirfunc function...
CVE-2021-44776
A broken access control vulnerability in the SubNethandlerfunc function of spxrestservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-44467
A broken access control vulnerability in the KillDupUsrfunc function of spxrestservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service DoS condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A...
CVE-2021-44776
A broken access control vulnerability in the SubNethandlerfunc function of spxrestservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26729
Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Stack overflow
Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Stack overflow
A stack-based buffer overflow vulnerability in a subfunction of the Loginhandlerfunc function of spxrestservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Improper access control
A broken access control vulnerability in the SubNethandlerfunc function of spxrestservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Stack overflow
Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...
Improper access control
A broken access control vulnerability in the KillDupUsrfunc function of spxrestservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service DoS condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Stack overflow
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsrfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-44776
CVE-2021-44776 describes a broken access control in the SubNet_handler_func of spx_restservice, affecting Lanner Inc IAC-AST2500A standard firmware version 1.10.0. The vulnerability enables an attacker to arbitrarily change security access rights to KVM and Virtual Media functions. Sources consis...
CVE-2021-26732 spx_restservice First_network_func Broken Access Control
A broken access control vulnerability in the Firstnetworkfunc function of spxrestservice allows an attacker to arbitrarily change the network configuration of the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...