cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-46183,https://securityvulnerability.io/vulnerability/CVE-2023-46183,IBM PowerVM Hypervisor Vulnerability Allows System Administrator to Obtain Sensitive Partition Information,"IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could allow a system administrator to obtain sensitive partition information.  IBM X-Force ID:  269695.",IBM,Powervm Hypervisor,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-06T16:05:23.158Z,0
CVE-2023-33851,https://securityvulnerability.io/vulnerability/CVE-2023-33851,IBM PowerVM Hypervisor Vulnerability Could Reveal Sensitive Data,"The vulnerability in the IBM PowerVM Hypervisor affects multiple firmware versions, potentially allowing a system administrator to access sensitive partition data. This exposure could compromise the confidentiality of data within virtualized environments, leading to unauthorized access and manipulation of critical information. Organizations using the affected versions should take immediate steps to mitigate the risks associated with this vulnerability by applying necessary patches and reviewing their security protocols.",IBM,Powervm Hypervisor,4.9,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-02-04T01:15:00.000Z,0
CVE-2023-25683,https://securityvulnerability.io/vulnerability/CVE-2023-25683,IBM PowerVM Hypervisor information disclosure,"IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC.  IBM X-Force ID:  247592.",IBM,Powervm Hypervisor,5.9,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2023-06-15T01:15:00.000Z,0
CVE-2023-30440,https://securityvulnerability.io/vulnerability/CVE-2023-30440,IBM PowerVM Hypervisor denial of service,"The vulnerability in IBM PowerVM Hypervisor allows a local attacker with control of a partition assigned a SRIOV virtual function to disrupt services in a peer partition, which can lead to denial of service or arbitrary data corruption. This could have significant implications for the integrity and availability of virtualized environments.",IBM,Powervm Hypervisor,6.7,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2023-05-23T14:15:00.000Z,0
CVE-2023-30438,https://securityvulnerability.io/vulnerability/CVE-2023-30438,IBM PowerVM gain access,An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems allows an attacker with privileged user access to a logical partition to breach isolation between partitions. This could result in unauthorized data access or execution of arbitrary code in neighboring logical partitions on the same physical hardware.,IBM,Powervm Hypervisor,9.3,CRITICAL,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-17T13:15:00.000Z,0
CVE-2022-22445,https://securityvulnerability.io/vulnerability/CVE-2022-22445,Firmware Compromise in IBM POWER9 due to Service Access,"An attacker with service access to the IBM POWER9 system or administrative authority over a partition can exploit the vulnerability to bypass security measures, potentially compromising the firmware. This could allow unauthorized manipulation of critical system functions, posing significant risks to data integrity and operational reliability.",IBM,Powervm Hypervisor,7.6,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-07-15T00:00:00.000Z,0
CVE-2021-38918,https://securityvulnerability.io/vulnerability/CVE-2021-38918,Isolation Violation in IBM PowerVM Hypervisor,"The vulnerability allows for a specific sequence of VM management operations within IBM PowerVM Hypervisor to compromise the isolation between virtual machines (VMs). This issue can potentially enable unauthorized access or interference between peer VMs, raising significant security concerns in multi-tenant environments.",IBM,Powervm Hypervisor,8.6,HIGH,0.0011099999537691474,false,,false,false,false,,,false,false,,2022-01-05T17:15:00.000Z,0
CVE-2021-38937,https://securityvulnerability.io/vulnerability/CVE-2021-38937,Denial of Service Vulnerability in IBM PowerVM Hypervisor,"IBM PowerVM Hypervisor versions FW940, FW950, and FW1010 are susceptible to a Denial of Service vulnerability that could be exploited by an authenticated user. By sending a specially crafted IBMi Hypervisor call, an attacker can trigger a system crash, leading to potential downtime or interruption of services. This vulnerability could impact the availability and stability of affected systems.",IBM,Powervm Hypervisor,6.3,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2021-12-10T18:15:00.000Z,0
CVE-2021-38917,https://securityvulnerability.io/vulnerability/CVE-2021-38917,Information Disclosure Vulnerability in IBM PowerVM Hypervisor,"The IBM PowerVM Hypervisor, specifically versions FW860, FW940, and FW950, is susceptible to a security vulnerability that could allow an attacker with service access to the Flexible Service Processor (FSP) to read and modify arbitrary host system memory. This security flaw arises from a series of specially crafted service procedures that can be exploited, leading to potential unauthorized access to sensitive information. It is crucial for users to apply necessary mitigations and updates to protect against this risk.",IBM,Powervm Hypervisor,7.4,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2021-12-10T18:15:00.000Z,0
CVE-2021-38923,https://securityvulnerability.io/vulnerability/CVE-2021-38923,Access Control Vulnerability in IBM PowerVM Hypervisor,"The IBM PowerVM Hypervisor FW1010 can be exploited when a privileged user assigns duplicate World Wide Port Names (WWPNs), potentially allowing unauthorized access to another virtual machine (VM). This misconfiguration increases the risk of data breaches and inter-VM communications. Organizations should ensure proper WWPN assignment and review virtualization security practices to mitigate this vulnerability.",IBM,Powervm Hypervisor,8,HIGH,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-10-06T18:15:00.000Z,0
CVE-2021-29795,https://securityvulnerability.io/vulnerability/CVE-2021-29795,Denial of Service Vulnerability in IBM PowerVM Hypervisor,"A local user could potentially exploit a series of specifically crafted hypervisor calls within IBM PowerVM Hypervisor FW860, FW930, FW940, and FW950, leading to system instability and crashes. This vulnerability poses significant risks to users, disrupting operations and providing unauthorized access to critical system functions. Proper mitigations should be applied to prevent potential exploitation.",IBM,Powervm Hypervisor,6,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-21T16:15:00.000Z,0
CVE-2021-29765,https://securityvulnerability.io/vulnerability/CVE-2021-29765,Sensitive Information Disclosure in IBM PowerVM Hypervisor,"The IBM PowerVM Hypervisor FW940 and FW950 are susceptible to an information disclosure vulnerability. This issue arises when an attacker gains service access to the flexible service processor (FSP), potentially allowing the retrieval of sensitive information stored within the system. This vulnerability poses a risk to data confidentiality and requires immediate attention to secure affected installations.",IBM,Powervm Hypervisor,5.9,MEDIUM,0.001069999998435378,false,,false,false,false,,,false,false,,2021-08-04T00:00:00.000Z,0
CVE-2021-20505,https://securityvulnerability.io/vulnerability/CVE-2021-20505,,"The PowerVM Logical Partition Mobility(LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. If an attacker has the ability to capture encrypted LPM network traffic and is able to gain service access to the FSP they can use this information to perform a series of PowerVM service procedures to decrypt the captured migration traffic IBM X-Force ID: 198232",IBM,Powervm Hypervisor,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2021-07-29T12:15:00.000Z,0