Megarac sp-x

This hub aggregates every CVE we track for Megarac sp-x, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Hardware Firmware

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

HIGH18MEDIUM7CRITICAL5

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting Megarac sp-x.

CVE-2024-54085Redfish Authentication BypassKEV9.8Mar 11, 2025
CVE-2023-37297heap memory overflow 8.3Jan 9, 2024
CVE-2023-37296Stack-based Buffer Overflow8.3Jan 9, 2024
CVE-2023-37295Heap-based Buffer Overflow8.3Jan 9, 2024
CVE-2023-37294Heap-based Buffer Overflow8.3Jan 9, 2024
CVE-2023-37293stack-based buffer overflow 9.6Jan 9, 2024
CVE-2023-34333Untrusted Pointer Dereference 7.8Jan 9, 2024
CVE-2023-3043Stack-based Buffer Overflow BMC9.6Jan 9, 2024
CVE-2023-34332Untrusted Pointer Dereference in BMC7.8Jan 9, 2024
CVE-2023-34330Code injection via Dynamic Redfish Extension interface8.2Jul 18, 2023
CVE-2023-34329Authentication Bypass via HTTP Header Spoofing9.1Jul 18, 2023
CVE-2023-34473Usage of Hard-coded Credentials6.6Jul 5, 2023
CVE-2023-34472AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss o...5.7Jul 5, 2023
CVE-2023-34471Missing Cryptographic Step6.3Jul 5, 2023
CVE-2023-34338hard coded cryptographic key7.1Jul 5, 2023

Product normalization is registry-driven with AI assist and human review. How it works