CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Baseboard Management ControllerBMC in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spxrestservice setremoteimageinfofunc...

7.8CVSS7.1AI score0.00127EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:36 p.m.•4 views

CVE-2021-25130

7.8CVSS7.1AI score0.00127EPSS

Exploits0References1

NVD•added 2022/10/24 2:15 p.m.•5 views

CVE-2021-44776

A broken access control vulnerability in the SubNethandlerfunc function of spxrestservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

6.5CVSS0.00125EPSS

Exploits0References2

NVD•added 2022/10/24 2:15 p.m.•11 views

CVE-2021-44467

A broken access control vulnerability in the KillDupUsrfunc function of spxrestservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service DoS condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A...

7.5CVSS0.00237EPSS

Exploits0References2

OSV•added 2022/10/24 2:15 p.m.•1 views

CVE-2021-44776

5.3CVSS5.8AI score0.00125EPSS

Exploits0References2

NVD•added 2022/10/24 2:15 p.m.•10 views

CVE-2021-26729

Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

10CVSS0.08129EPSS

Exploits0References2

Prion•added 2022/10/24 2:15 p.m.•13 views

Stack overflow

Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsrfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

7.5CVSS9.9AI score0.03475EPSS

Exploits0References2Affected Software1

Prion•added 2022/10/24 2:15 p.m.•30 views

Stack overflow

7.5CVSS9.9AI score0.08129EPSS

Exploits0References2Affected Software1

Prion•added 2022/10/24 2:15 p.m.•12 views

Improper access control

A broken access control vulnerability in the KillDupUsrfunc function of spxrestservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service DoS condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

5CVSS7.4AI score0.00237EPSS

Exploits0References2Affected Software1

Prion•added 2022/10/24 2:15 p.m.•21 views

Stack overflow

Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...

7.5CVSS9.8AI score0.08129EPSS

Exploits0References2Affected Software1

Prion•added 2022/10/24 2:15 p.m.•15 views

Stack overflow

A stack-based buffer overflow vulnerability in a subfunction of the Loginhandlerfunc function of spxrestservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

7.5CVSS9.7AI score0.01373EPSS

Exploits0References2Affected Software1

Prion•added 2022/10/24 2:15 p.m.•13 views

Improper access control

5CVSS5.3AI score0.00125EPSS

Exploits0References2Affected Software1