Vulnerabilities > Openbmc Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-15 | CVE-2021-39295 | Resource Exhaustion vulnerability in Openbmc-Project Openbmc 2.9.0 In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface. | 7.5 |
| 2023-02-16 | CVE-2022-35729 | Out-of-bounds Read vulnerability in Openbmc-Project Openbmc Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access. | 7.5 |
| 2022-10-27 | CVE-2022-2809 | Out-of-bounds Write vulnerability in Openbmc-Project Openbmc 2.10.0/2.11.0 A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. | 7.5 |
| 2022-10-27 | CVE-2022-3409 | Out-of-bounds Write vulnerability in Openbmc-Project Openbmc 2.10.0/2.11.0 A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. | 7.5 |
| 2021-09-09 | CVE-2021-39296 | Improper Authentication vulnerability in Openbmc-Project Openbmc 2.9.0 In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system. | 10.0 |
| 2020-06-15 | CVE-2020-14156 | Incorrect Default Permissions vulnerability in Openbmc-Project Openbmc user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions. | 8.8 |