NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2024-3708 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 該当なし | 0.04% | 2024-05-23 | 2024-07-09 |
| CVE-2023-3043 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | 9.6 | 0.31% | 2024-01-09 | 2024-11-21 |
| CVE-2023-37297 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | 8.3 | 0.26% | 2024-01-09 | 2024-11-21 |
| CVE-2023-37296 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | 8.3 | 0.26% | 2024-01-09 | 2024-11-21 |
| CVE-2023-37295 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | 8.3 | 0.26% | 2024-01-09 | 2024-11-21 |
| CVE-2023-37294 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | 8.3 | 0.26% | 2024-01-09 | 2024-11-21 |
| CVE-2023-37293 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | 9.6 | 0.31% | 2024-01-09 | 2024-11-21 |
| CVE-2023-34333 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | 7.8 | 0.18% | 2024-01-09 | 2024-11-21 |
| CVE-2023-34332 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | 7.8 | 0.18% | 2024-01-09 | 2024-11-21 |
| CVE-2023-39539 | AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability. | 7.5 | 0.62% | 2023-12-06 | 2024-11-21 |
| CVE-2023-39538 | AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability. | 7.5 | 0.22% | 2023-12-06 | 2024-11-21 |
| CVE-2023-39537 | AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability. | 7.5 | 0.21% | 2023-11-14 | 2024-11-21 |
| CVE-2023-39536 | AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability. | 7.5 | 0.21% | 2023-11-14 | 2024-11-21 |
| CVE-2023-39535 | AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability. | 7.5 | 0.21% | 2023-11-14 | 2024-11-21 |
| CVE-2023-34470 | AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability. | 6.8 | 0.15% | 2023-09-12 | 2024-11-21 |
| CVE-2023-34469 | AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. A successful exploit of this vulnerability may lead to a loss of confidentiality. | 4.9 | 0.22% | 2023-09-12 | 2024-11-21 |
| CVE-2023-34330 | AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | 8.2 | 0.51% | 2023-07-18 | 2025-02-13 |
| CVE-2023-34329 | AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability. | 9.1 | 0.97% | 2023-07-18 | 2025-02-13 |
| CVE-2023-34473 | AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | 6.6 | 0.40% | 2023-07-05 | 2024-11-21 |
| CVE-2023-34472 | AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity. | 5.7 | 0.40% | 2023-07-05 | 2024-11-21 |