CVE-2025-8727

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...

CVE-2025-8404

Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC exploit stack buffer via a crafted header and achieve arbitrary code execution of the BMC’s firmware operating system...

CVE-2025-8404 Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library

Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC exploit stack buffer via a crafted header and achieve arbitrary code execution of the BMC’s firmware operating system...

CVE-2025-8404

CVE-2025-8404 describes a stack buffer overflow in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can trigger a crafted header to overflow a stack and achieve arbitrary code execution on the BMC firmware OS. The issue is assessed with CVSS 3.1: Network attack ...

CVE-2025-8076 A stack buffer overflow vulnerability exists in the Supermicro BMC Web function

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...

CVE-2025-8076 A stack buffer overflow vulnerability exists in the Supermicro BMC Web function

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...

EUVD-2025-197951

Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system...

PT-2025-47244

Name of the Vulnerable Software and Affected Versions SMASH-CLP shell affected versions not specified Description A stack-based buffer overflow exists in the SMASH-CLP shell. An authenticated attacker with SSH access to the Baseboard Management Controller BMC can exploit this issue by providing a...

PT-2025-47250

Name of the Vulnerable Software and Affected Versions Supermicro BMC versions affected versions not specified Description A stack buffer overflow vulnerability exists in the web function of the Supermicro BMC on the Supermicro MBD-X13SEDW-F. An attacker gaining access to the BMC Web server can...

Supermicro BMC Firmware 安全漏洞

Supermicro BMC Firmware is a system firmware from Supermicro Corporation USA. A security vulnerability exists in Supermicro BMC Firmware that originates from a stack buffer overflow in the BMC Web function that could lead to arbitrary code execution...

PT-2025-47249

Name of the Vulnerable Software and Affected Versions Supermicro BMC versions affected versions not specified Description A stack buffer overflow exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can exploit a stack buffer via a crafted header,...

PT-2025-47245

Name of the Vulnerable Software and Affected Versions Supermicro BMC versions affected versions not specified Description A buffer overflow exists in the web stack of the Supermicro BMC on the MBD-X13SEDW-F model. An attacker gaining access to the BMC Web server can exploit this issue using a...

CVE-2025-63695

DzzOffice v2.3.7 and earlier is vulnerable to an Arbitrary File Upload in /dzz/system/ueditor/php/controller.php. The core issue stems from a file upload mechanism in controller.php that allows uploading arbitrary files, potentially enabling remote code execution or other impact as described in p...

PT-2025-47372

Name of the Vulnerable Software and Affected Versions DzzOffice versions prior to 2.3.7 Description DzzOffice is susceptible to an arbitrary file upload issue located in the /dzz/system/ueditor/php/controller.php file. The issue resides within the controller.php component. Recommendations Update ...

CVE-2025-63695

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...

EUVD-2025-198056

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...

DzzOffice 安全漏洞

DzzOffice is a platform from Big Desk DzzOffice that provides online collaborative office suite functionality. It provides online documents, forms, webstores, presentations and other features. A security vulnerability exists in DzzOffice v2.3.7 and earlier versions, which originates from...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43883)

usb: vhci-hcd: vulnerability due to the vhci-hcd driver dropping references before new ones were gained, potentially leading to the use of stale pointers. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2023-52887)

net: can: j1939: vulnerability related to error handling for closely received RTS messages in xtprxrtssessionnew, which is addressed by replacing less informative backtraces with a new method that provides clearer error messages and allows for early termination of problematic sessions. This plugi...

SuperMicro BMC 安全漏洞

SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the SuperMicro BMC that stems from a stack buffer overflow in the BMC Web function that could lead to arbitrary code execution...