Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Fujitsu M10 Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7547 10 Canonical, Debian, F5 and 7 more 30 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 27 more 2024-02-04 6.8 MEDIUM 8.1 HIGH
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
CVE-2013-4786 2 Intel, Oracle 2 Intelligent Platform Management Interface, Fujitsu M10 Firmware 2024-02-04 7.8 HIGH 7.5 HIGH
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.