CVSS: 7.6EPSS: 0%CPEs: 7EXPL: 0CVE-2018-12208
https://notcve.org/view.php?id=CVE-2018-12208
14 Mar 2019 — Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access. Desbordamiento de búfer en el subsistema HECI de Intel(R) CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel (R) TXE, en versiones anteriores a la 3.1.60 o 4.0.10; o I... • https://security.netapp.com/advisory/ntap-20190318-0001 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 8EXPL: 0CVE-2018-12191
https://notcve.org/view.php?id=CVE-2018-12191
14 Mar 2019 — Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access. La comprobación de límites en el subsistema del kernel en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel(R) Server Platform Services, en vers... • https://security.netapp.com/advisory/ntap-20190318-0001 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12192
https://notcve.org/view.php?id=CVE-2018-12192
14 Mar 2019 — Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access. Un error de lógica en el subsistema del kernel en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel(R) Server Platform Services, en versiones anteriores a la SPS_E5_04.00.04.393.0, podría permitir que un... • https://security.netapp.com/advisory/ntap-20190318-0001 • CWE-287: Improper Authentication •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12198
https://notcve.org/view.php?id=CVE-2018-12198
14 Mar 2019 — Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access. Validación de entradas insuficiente en el subsistema de Intel(R) Server Platform Services HECI, en versiones anteriores a la SPS_E5_04.00.04.393.0, podría permitir que usuarios privilegiados puedan provocar una denegación de servicio (DoS) mediante acceso local. • https://security.netapp.com/advisory/ntap-20190318-0001 • CWE-20: Improper Input Validation •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2018-3643
https://notcve.org/view.php?id=CVE-2018-3643
12 Sep 2018 — A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code. Una vulnerabilidad en el firmware Power Management Controller en sistemas que emplean un CSME (Intel® Conv... • https://security.netapp.com/advisory/ntap-20180924-0002 •
CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-3655
https://notcve.org/view.php?id=CVE-2018-3655
12 Sep 2018 — A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access. Una vulnerabilidad en un subsistema en Intel CSME en versiones anteriores a la 11.21.55, Intel Server Platform Services en versiones anteriores a la 4.0 y el firmware Intel Trusted Execution Engine en versiones anteriores a l... • https://security.netapp.com/advisory/ntap-20180924-0003 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5706 – HPE Security Bulletin HPESBHF03798 1
https://notcve.org/view.php?id=CVE-2017-5706
21 Nov 2017 — Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. Múltiples desbordamientos de búfer en el kernel en Intel Server Platform Services Firmware 4.0 permiten que un atacante con acceso local al sistema ejecute código arbitrario. A vulnerability in HPE certain Gen10 Servers, DL20 Gen9, ML30 Gen9 and certain Apollo servers with Intel Server Platform Service (SPS) v4.0 are vulnerable to local Denial of Servic... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5709 – HPE Security Bulletin HPESBHF03798 1
https://notcve.org/view.php?id=CVE-2017-5709
21 Nov 2017 — Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector. Múltiples escalados de privilegios en el kernel en Intel Server Platform Services Firmware 4.0 permiten que un proceso no autorizado acceda a contenidos privilegiados mediante un vector no especificado. A vulnerability in HPE certain Gen10 Servers, DL20 Gen9, ML30 Gen9 and certain Apollo servers with Intel Server Platform Service (SPS) v4.0 ... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html •