Solidfire Baseboard Management Controller Firmware Security Vulnerabilities and Issues — Solidfire Baseboard Management Controller Firmware CVE List

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versio...

5.7CVSS5.3AI score0.00198EPSS

CVE•added 2021/03/22 5:15 p.m.•263 views

CVE-2021-28971

In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.

5.5CVSS6.5AI score0.00024EPSS

CVE•added 2021/05/26 11:15 a.m.•238 views

CVE-2020-25673

A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

5.5CVSS6.1AI score0.00124EPSS

CVE•added 2020/12/11 7:15 p.m.•224 views

CVE-2020-27825

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special...

5.7CVSS6.4AI score0.00138EPSS

CVE•added 2020/04/10 12:15 a.m.•209 views

CVE-2020-8832

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could u...

5.5CVSS6.2AI score0.04704EPSS

CVE•added 2021/06/11 4:15 p.m.•165 views

CVE-2021-22897

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising...

5.3CVSS5.5AI score0.00761EPSS

CVE•added 2021/03/20 8:15 p.m.•155 views

CVE-2021-28951

An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25.

5.5CVSS5.6AI score0.00032EPSS

CVE•added 2019/11/14 8:15 p.m.•97 views

CVE-2019-14574

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.

5.5CVSS5.5AI score0.00147EPSS

CVE•added 2019/11/14 8:15 p.m.•88 views

CVE-2019-14591

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.

5.5CVSS5.9AI score0.00158EPSS

CVE•added 2019/11/14 8:15 p.m.•87 views

CVE-2019-11089

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.

5.5CVSS5.8AI score0.00158EPSS

CVE•added 2019/11/14 8:15 p.m.•67 views

CVE-2019-14590

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS5.1AI score0.00194EPSS