170 matches found
CVE-2025-7704 Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability
Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability...
CVE-2025-7704 Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability
Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability...
CVE-2025-7704
CVE-2025-7704 describes a stack-based overflow in the Insyde SMASH shell used by Supermicro BMC. The issue affects the SMASH service component on Supermicro BMC, with the underlying cause identified as a stack-based buffer overflow in the shell. Public descriptions consistently reference a potent...
Supermicro BMC 安全漏洞
The SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in Supermicro BMC that stems from a stack-based buffer overflow in the Insyde SMASH shell program...
PT-2025-46795
Name of the Vulnerable Software and Affected Versions Supermicro BMC Insyde SMASH affected versions not specified Description The Insyde SMASH shell program within Supermicro BMC contains a stacked-based overflow issue. This flaw could allow for remote code execution. Recommendations At the momen...
CVE-2025-49937
Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through = 4.3.2...
CVE-2025-49937 WordPress Smash Balloon Social Post Feed plugin <= 4.3.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through = 4.3.2...
CVE-2025-49937 WordPress Smash Balloon Social Post Feed plugin <= 4.3.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through = 4.3.2...
PT-2025-43201
Name of the Vulnerable Software and Affected Versions Smash Balloon Social Post Feed versions through 4.3.2 Description An authorization issue exists in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed. This allows exploitation of incorrectly configured access control security...
WordPress Smash Balloon Social Post Feed plugin <= 4.3.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Smash Balloon Social Post Feed versions = 4.3.2...
EUVD-2023-56810
Malicious code in bioql PyPI...
EUVD-2024-29275
Malicious code in bioql PyPI...
EUVD-2022-37010
Malicious code in bioql PyPI...
EUVD-2022-51821
Malicious code in bioql PyPI...
WordPress Smash theme <= 1.7 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Smash versions = 1.7...
AlmaLinux 9 : thunderbird (ALSA-2025:14640)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:14640 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due ...
CVE-2025-4577
The Smash Balloon Social Post Feed – Simple Social Feeds for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-color attribute in all versions up to, and including, 4.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-4577
The Smash Balloon Social Post Feed – Simple Social Feeds for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-color attribute in all versions up to, and including, 4.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-4577
The Smash Balloon Social Post Feed – Simple Social Feeds for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-color attribute in all versions up to, and including, 4.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-4577
The CVE entry CVE-2025-4577 concerns the Smash Balloon Social Post Feed (Custom Facebook Feed) WordPress plugin. Connected sources confirm a Stored Cross-Site Scripting (XSS) vulnerability via the data-color attribute in all versions up to and including 4.3.1, caused by insufficient input sanitiz...