CVE-2021-26583
published 2021-05-10CVE-2021-26583: A potential security vulnerability was identified in HPE iLO Amplifier Pack. The vulnerabilities could be remotely exploited to allow remote code execution.
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
4.43%
90.2th percentile
A potential security vulnerability was identified in HPE iLO Amplifier Pack. The vulnerabilities could be remotely exploited to allow remote code execution.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | ilo_amplifier_pack | < 1.90 | 1.90 |
| hp | ilo_amplifier_pack | — | — |
| linux | linux_kernel | >= 0 < 5.4.0-190.210 | 5.4.0-190.210 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
linux-aws, linux-aws-5.4 vulnerabilities
osv·2024-07-30·CVSS 7.8
CVE-2022-48655 linux-aws, linux-aws-5.4 vulnerabilities
linux-aws, linux-aws-5.4 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM SCMI message protocol;
- InfiniBand drivers;
- TTY drivers;
- TLS protocol;
(CVE-2022-48655, CVE-2024-36016, CVE-2024-26584, CVE-2021-47131,
CVE-2024-26907, CVE-2024-26585, CVE-2024-26583)
OSV
linux, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-raspi, linux-xilinx-zynqmp vulnerabili
osv·2024-07-29·CVSS 7.8
CVE-2024-26584 linux, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-raspi, linux-xilinx-zynqmp vulnerabili
linux, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-raspi, linux-xilinx-zynqmp vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM SCMI message protocol;
- InfiniBand drivers;
- TTY drivers;
- TLS protocol;
(CVE-2024-26584, CVE-2024-36016, CVE-2024-26585, CVE-2021-47131,
CVE-2024-26907, CVE-2022-48655, CVE-2024-26583)
GHSA
GHSA-jvpj-x4cx-678c: Potential security vulnerabilities have been identified in HPE iLO Amplifier Pack using bootstrap framework
ghsa_unreviewed·2022-05-24
CVE-2021-26583 [CRITICAL] GHSA-jvpj-x4cx-678c: Potential security vulnerabilities have been identified in HPE iLO Amplifier Pack using bootstrap framework
Potential security vulnerabilities have been identified in HPE iLO Amplifier Pack using bootstrap framework. The vulnerabilities could be remotely exploited to allow remote code execution and cross site scripting (XSS). HPE has released a software update to resolve the vulnerabilities in the HPE iLO Amplifier Pack.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-05-10
Published