CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36432
https://notcve.org/view.php?id=CVE-2024-36432
15 Jul 2024 — An arbitrary memory write vulnerability was discovered in Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT, and X11PDG-SN motherboards with BIOS firmware before 4.4. Se descubrió una vulnerabilidad de escritura en memoria arbitraria en las placas base Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT y X11PDG-SN con firmware BIOS anterior a 4.4. • https://www.supermicro.com/en/support/security_center#%21advisories • CWE-1246: Improper Write Handling in Limited-write Non-Volatile Memories •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36433
https://notcve.org/view.php?id=CVE-2024-36433
15 Jul 2024 — An arbitrary memory write vulnerability was discovered in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards with BIOS firmware before 4.4. Se descubrió una vulnerabilidad de escritura en memoria arbitraria en las placas base Supermicro X11DPH-T, X11DPH-Tq y X11DPH-i con firmware BIOS anterior a 4.4. • https://www.supermicro.com/en/support/security_BIOS_Jul_2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36434
https://notcve.org/view.php?id=CVE-2024-36434
15 Jul 2024 — An SMM callout vulnerability was discovered in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards with BIOS firmware before 4.4. Se descubrió una vulnerabilidad de llamada SMM en las placas base Supermicro X11DPH-T, X11DPH-Tq y X11DPH-i con firmware BIOS anterior a 4.4. • https://www.supermicro.com/en/support/security_BIOS_Jul_2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 355EXPL: 0CVE-2024-36435
https://notcve.org/view.php?id=CVE-2024-36435
11 Jul 2024 — An issue was discovered on Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and B13 motherboards (and CMM6 modules). An unauthenticated user can post crafted data to the interface that triggers a stack buffer overflow, and may lead to arbitrary remote code execution on a BMC. Se descubrió un problema en el firmware Supermicro BMC en placas base seleccionadas X11, X12, H12, B12, X13, H13 y B13 (y módulos CMM6). Un usuario no autenticado puede publicar datos manipulados en la interfaz, lo que d... • https://www.supermicro.com/zh_tw/support/security_BMC_IPMI_Jul_2024 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40284
https://notcve.org/view.php?id=CVE-2023-40284
27 Mar 2024 — An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue. Se descubrió un problema en los dispositivos Supermicro X11SSM-F, X11SAE-F y X11SSE-F 1.66. Un atacante podría aprovechar un problema XSS. • https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40286
https://notcve.org/view.php?id=CVE-2023-40286
27 Mar 2024 — An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue. Se descubrió un problema en los dispositivos Supermicro X11SSM-F, X11SAE-F y X11SSE-F 1.66. Un atacante podría aprovechar un problema XSS. • https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40287
https://notcve.org/view.php?id=CVE-2023-40287
27 Mar 2024 — An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue. Se descubrió un problema en los dispositivos Supermicro X11SSM-F, X11SAE-F y X11SSE-F 1.66. Un atacante podría aprovechar un problema XSS. • https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40288
https://notcve.org/view.php?id=CVE-2023-40288
27 Mar 2024 — An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue. Se descubrió un problema en los dispositivos Supermicro X11SSM-F, X11SAE-F y X11SSE-F 1.66. Un atacante podría aprovechar un problema XSS. • https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 1%CPEs: 3EXPL: 0CVE-2023-40289
https://notcve.org/view.php?id=CVE-2023-40289
27 Mar 2024 — A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges. Se descubrió un problema de inyección de comandos en los dispositivos Supermicro X11SSM-F, X11SAE-F y X11SSE-F 1.66. Un atacante puede aprovechar esto para elevar los privilegios de un usuario con privilegios administrativos de BMC. • https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023 • CWE-269: Improper Privilege Management •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40290
https://notcve.org/view.php?id=CVE-2023-40290
27 Mar 2024 — An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue that affects Internet Explorer 11 on Windows. Se descubrió un problema en los dispositivos Supermicro X11SSM-F, X11SAE-F y X11SSE-F 1.66. Un atacante podría aprovechar un problema XSS que afecta a Internet Explorer 11 en Windows. • https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •