CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22488 – IBM OpenBMC denial of service
https://notcve.org/view.php?id=CVE-2022-22488
18 Nov 2022 — IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337. IBM OpenBMC OP910 y OP940 podrían permitir que un usuario privilegiado provoque una Denegación de Servicio (DoS) cargando o eliminando demasiados certificados de CA en un corto período de tiempo. ID de IBM X-Force: 2226337. • https://exchange.xforce.ibmcloud.com/vulnerabilities/226337 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2021-29891
https://notcve.org/view.php?id=CVE-2021-29891
22 Aug 2022 — IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221. IBM OPENBMC versiones OP910 y OP940, podrían permitir a un usuario privilegiado cargar un certificado de identidad de sitio inapropiado que podría causar la pérdida de servicios de red. IBM X-Force ID: 207221. • https://exchange.xforce.ibmcloud.com/vulnerabilities/207221 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2021-38961
https://notcve.org/view.php?id=CVE-2021-38961
27 Dec 2021 — IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212049. IBM OPENBMC OP910 es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la funcionalidad prevista y conllevando p... • https://exchange.xforce.ibmcloud.com/vulnerabilities/212049 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.9EPSS: 0%CPEs: 22EXPL: 0CVE-2018-1992
https://notcve.org/view.php?id=CVE-2018-1992
21 Mar 2019 — The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instr... • https://exchange.xforce.ibmcloud.com/vulnerabilities/154345 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •