Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freeipmi (UTSA-2026-007097)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007097 advisory. ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a...

OESA-2026-1737 freeipmi security update

The package provides "Remote-Console" and "System Management software" based on intelligent platform management interface specification. Security Fixes: ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI...

EUVD-2026-14899

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system...

CVE-2026-33554

ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

CVE-2026-33554

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system...

CVE-2026-33554

ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

CVE-2025-12007

CVE-2025-12007 affects Supermicro BMC firmware validation logic on the MBD-X13SEM-F board. The vulnerability enables an attacker to update system firmware using a specially crafted image due to flawed BMC firmware verification. Impact is aligned with a high-severity CVSS vector (local, low comple...

CVE-2025-12006

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image...

CVE-2025-12006 Supermicro BMC firmware update validation bypass

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image...

CVE-2025-12006

CVE-2025-12006 affects Supermicro BMC firmware on the MBD-X12STW-F board. The vulnerability lies in the firmware validation logic, enabling an attacker to update the system firmware with a specially crafted image. Public sources (NVD/Red Hat/CIRCL) describe the same underlying issue; ARMs to expl...

Supermicro BMC 安全漏洞

The SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the Supermicro BMC Shared library that originates from a stack buffer overflow and could lead to arbitrary code execution...

Supermicro BMC Firmware 安全漏洞

Supermicro BMC Firmware is a system firmware from Supermicro Corporation USA. A security vulnerability exists in Supermicro BMC Firmware that originates from a stack buffer overflow that could lead to arbitrary code execution...

PT-2025-44225

Name of the Vulnerable Software and Affected Versions Supermicro BMC firmware versions affected versions not specified Description The Supermicro BMC firmware contains a flaw in its validation logic. An attacker can exploit this to update the system firmware with a specially crafted image...

EUVD-2025-30206

Malicious code in bioql PyPI...

CVE-2025-7937

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW . An attacker can update the system firmware with a specially crafted image...

CVE-2024-10239

A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6 . An attacker with administrator privileges can upload a specially crafted image, which can cause a stack overflow due to the unchecked fat-fsd.maxfld...

CVE-2024-10238

A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6. An attacker can upload a specially crafted image that will cause a stack overflow is caused by not checking fld-usedbytes...

CVE-2024-10239 fld->used_bytes without sanity check causes stack overflow

A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6 . An attacker with administrator privileges can upload a specially crafted image, which can cause a stack overflow due to the unchecked fat-fsd.maxfld...

CVE-2024-10239

CVE-2024-10239 concerns a stack overflow in the firmware image verification of the Supermicro MBD-X12DPG-OA6. The issue arises from an unchecked fat->fsd.max_fld in the image verification path, allowing an administrator-controlled upload of a crafted image to potentially trigger the overflow. ...

CVE-2024-10238

CVE-2024-10238 affects Supermicro MBD-X12DPG-OA6 firmware image verification. The root cause is a stack overflow caused by not checking fld->used_bytes in the verification path. Public sources in the connected documents describe two related stack-overflow flaws in the firmware image verificati...