CVE-2024-2659
- EPSS 0.43%
- Veröffentlicht 15.04.2024 18:15:10
- Zuletzt bearbeitet 28.07.2025 13:06:05
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.
CVE-2023-4855
- EPSS 0.37%
- Veröffentlicht 15.04.2024 18:15:09
- Zuletzt bearbeitet 21.11.2024 08:36:07
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute unauthorized commands via IPMI.
CVE-2023-4856
- EPSS 0.39%
- Veröffentlicht 15.04.2024 18:15:09
- Zuletzt bearbeitet 21.11.2024 08:36:07
A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint.
CVE-2023-4857
- EPSS 0.09%
- Veröffentlicht 15.04.2024 18:15:09
- Zuletzt bearbeitet 21.11.2024 08:36:07
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information.
CVE-2017-17833
- EPSS 0.87%
- Veröffentlicht 23.04.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:18:46
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.