CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-37297 – heap memory overflow
https://notcve.org/view.php?id=CVE-2023-37297
09 Jan 2024 — AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede conllevar una corrupción de la memoria de la pila a través de una red adyacente. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidencialidad, integridad y/o ... • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-37296 – Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-37296
09 Jan 2024 — AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede conllevar una corrupción de la memoria de la pila a través de una red adyacente. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidencialidad, integridad y/o... • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-37295 – Heap-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-37295
09 Jan 2024 — AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede conllevar una corrupción de la memoria de la pila a través de una red adyacente. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidencialidad, integridad y/o ... • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-37294 – Heap-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-37294
09 Jan 2024 — AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede conllevar una corrupción de la memoria de la pila a través de una red adyacente. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidencialidad, integridad y/o ... • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-37293 – stack-based buffer overflow
https://notcve.org/view.php?id=CVE-2023-37293
09 Jan 2024 — AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede provocar un desbordamiento de búfer en la región stack de la memoria a través de una red adyacente. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidenc... • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34333 – Untrusted Pointer Dereference
https://notcve.org/view.php?id=CVE-2023-34333
09 Jan 2024 — AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede provocar que un puntero que no es de confianza elimine la referencia a través de una red local. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidencia... • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-3043 – Stack-based Buffer Overflow BMC
https://notcve.org/view.php?id=CVE-2023-3043
09 Jan 2024 — AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede provocar un desbordamiento de búfer en la región stack de la memoria a través de una red adyacente. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidenc... • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34332 – Untrusted Pointer Dereference in BMC
https://notcve.org/view.php?id=CVE-2023-34332
09 Jan 2024 — AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede provocar que una red local elimine la referencia de un puntero que no es de confianza. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidencialidad, int... • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34336
https://notcve.org/view.php?id=CVE-2023-34336
12 Jun 2023 — AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges. AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges. • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34334
https://notcve.org/view.php?id=CVE-2023-34334
12 Jun 2023 — AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering. AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering. • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •