Skip to main content

Bmc

6 CVEs product

Monthly

CVE-2023-25508 HIGH This Week

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Path Traversal Denial Of Service Information Disclosure Bmc
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-25507 HIGH This Week

NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Command Injection RCE Information Disclosure +1
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-25505 HIGH This Week

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Buffer Overflow Denial Of Service RCE Information Disclosure +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-0201 MEDIUM This Month

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Nvidia RCE Information Disclosure Denial Of Service Bmc
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-0200 MEDIUM This Month

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Nvidia RCE Information Disclosure Denial Of Service Bmc
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2013-4782 CRITICAL POC THREAT Emergency

The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 64.1%.

Authentication Bypass Bmc
NVD
CVSS 2.0
10.0
EPSS
64.1%
Threat
5.4
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Path Traversal Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Command Injection +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Buffer Overflow Denial Of Service +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Nvidia RCE Information Disclosure +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Nvidia RCE Information Disclosure +2
NVD
EPSS 64% 5.4 CVSS 10.0
CRITICAL POC THREAT Emergency

The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 64.1%.

Authentication Bypass Bmc
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy