The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request...
8.8CVSS
8.5AI Score
0.001EPSS
A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing...
7.5CVSS
7.5AI Score
0.001EPSS
The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary...
8.8CVSS
8.6AI Score
0.001EPSS
Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar...
7.8CVSS
7.5AI Score
0.0004EPSS
A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows remote attackers to inject execute arbitrary commands as root on the...
9.8CVSS
9.6AI Score
0.001EPSS
Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure...
5.5CVSS
5.6AI Score
0.0004EPSS
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information...
4.7CVSS
6.2AI Score
0.0004EPSS
Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of...
5.1CVSS
4AI Score
0.0004EPSS
Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in...
7.5CVSS
7.9AI Score
0.0004EPSS
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information...
5.5CVSS
5.6AI Score
0.001EPSS
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information...
6.5CVSS
6.8AI Score
0.0005EPSS
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent...
6.5CVSS
7.3AI Score
0.001EPSS
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information...
6.5CVSS
6AI Score
0.001EPSS
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD...
5.6CVSS
6.5AI Score
0.975EPSS
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data...
6.5CVSS
7.2AI Score
0.0004EPSS
The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app contains an exported service named...
8.1CVSS
7.8AI Score
0.002EPSS
The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system...
5.5CVSS
5.3AI Score
0.0004EPSS